Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            MySQL Logs Configuration from Linux

            Modified on Thu, 5 Feb at 10:20 PM


            TABLE OF CONTENTS


            Overview

            This article explains how to configure and verify syslogs from MySQL logs on a Linux-based MySQL server to the ADR CCE Collector.


            Requirements

            • Admin access to the Linux-based MySQL server.
            • The path on the MySQL server where logs are stored (example: /var/log/httpd/access_log).
            • Access to ADR CCE command line with the seceon user (If you haven't received the password, please contact ARIA support).
            • Access to the ADR Platform GUI.

            Instructions

            This process comprises the three steps listed below:

            1. Configuration of MySQL logs from the Linux-based server to the CCE
            2. Verify the MySQL logs being received at ADR CCE (Command Line)
            3. Verify the MySQL logs being processed by ADR Platform (GUI)


            MySQL Logs Configuration

            1. Login to MySQL (running on Linux) as the admin user.
            2. Open the rsyslog.conf file using:
              vi /etc/rsyslog.conf
            3. Add or uncomment the following lines:
              $ModLoad imfile

#### GLOBAL DIRECTIVES ####

$InputFileName /var/log/mysql/*.log
$InputFileTag mysql_logs:
$InputFileStateFile state-mysql-access
$InputRunFileMonitor
            4. Configure the CCE IP at the end of the /etc/rsyslog.conf file:
              #*.* @@remote-host:514
# ### end of the forwarding rule ###

*.* @CCE_IP:514
            5. Save the file:
              :wq!
            6. Restart rsyslog:
              service rsyslog restart
            7. Check rsyslog status:
              service rsyslog status

            Verification

            At the Command Line

            1. Login to the ADR CCE via SSH as the seceon user.
            2. Run:
              sudo tcpdump -i any host MySQLDeviceIP and port 514 -XX
            3. Examine the logs displayed to ensure they are MySQL DB logs.
            4. Press CTRL+C to stop the capture.
            5. If logs are not correct, return to the MySQL server and verify configuration.


            At the GUI

            1. Login to UI → SYSTEMLOGS AND FLOWS COLLECTION STATUS.

            2. Select LOGS AND FLOWS COLLECTION STATUS.
            3. Inside SOURCE DEVICE IP, the IP should be visible.

            If you see data after generating this report, the setup is complete. If not, please review the configurations.

            For any issues or assistance, please contact the ARIA Support team.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0