SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


manageengineeventloganalyzerinstallation
Differences

This shows you the differences between two versions of the page.

Link to this comparison view

manageengineeventloganalyzerinstallation [2013/04/21 20:17] (current)
sjoerd created
Line 1: Line 1:
 += ManageEngine EventLog Analyzer 7 Installation =
  
 +Download the appropriate version from http://​www.eventloganalyzer.com/​download.html,​ note that there are different editions for 32 and 64 bit systems.
 +Start the installation by following these steps:
 +* Assign execute permission using the command: chmod a+x <​file_name>​.bin
 +* Execute the following command: ./<​file_name>​Bin -console
 +
 +> Note: if you install from a graphical console skip the -console option
 +
 +> Note: During installation if you get an error message stating that the temp folder does not have enough space, try executing this command with the -is:tempdir <​directory_name>​ option, where <​directory_name>​ is the absolute path of an existing directory. ./<​file_name>​Bin -is:tempdir <​directory_name>​
 +
 +Follow the steps on the screen to continue the installation:​
 +<​code>​
 +[root@syslog tmp]# ./​ManageEngine_EventLogAnalyzer.bin -console
 +InstallShield Wizard
 +
 +Initializing InstallShield Wizard...
 +
 +Searching for Java(tm) Virtual Machine...
 +.
 +Preparing Java(tm) Virtual Machine...
 +..................................
 +...................................
 +...................................
 +...................................
 +...................................
 +...................................
 +...................................
 +...................................
 +......................
 +-------------------------------------------------------------------------------
 +
 +
 + ​Welcome to the InstallShield Wizard for
 +
 +ManageEngine EventLog Analyzer is a web-based, real-time monitoring, and event
 +management solution. EventLog Analyzer collects event logs from Windows, UNIX,
 +and Linux systems across distributed servers and workstations across your
 +network using an agent-less architecture. With EventLog Analyzer you can
 +generate extensive reports that help in analyzing and troubleshooting system
 +problems, with least impact on network performance.
 +
 +
 +The InstallShield Wizard will install on your computer. To continue, click
 +Next.
 +
 + ​Please Note: The minimum system requirements for are
 +       1GHz Pentium 4 processor or equivalent
 +       2 GB of RAM
 +       5 GB of disk space
 +       ​Monitor that supports 1024x768 resolution
 +
 +Press ENTER to read the text [Type q to quit]
 +
 +
 + For more information,​ please contact us at eventlog-support@manageengine.com
 +
 +Press 1 for Next, 3 to Cancel or 4 to Redisplay [1] 1
 +
 +Loading License Agreement ...
 +
 +-------------------------------------------------------------------------------
 +ManageEngine EventLog Analyzer 7
 +
 +Copyright (c) 2011 ZOHO All rights reserved.
 +
 +This License Agreement details the policy for license of ManageEngine EventLog
 +Analyzer (Licensed Software) on the following topics:
 +
 +(1) Evaluation License
 +(2) Commercial License
 +(3) Technical Support
 +
 +...<​cut>​...
 +
 +Please choose from the following options:
 +
 +[ ] 1 - I accept the terms of the license agreement.
 +[X] 2 - I do not accept the terms of the license agreement.
 +
 +To select an item enter its number, or 0 when you are finished: [0] 1
 +
 +
 +[X] 1 - I accept the terms of the license agreement.
 +[ ] 2 - I do not accept the terms of the license agreement.
 +
 +To select an item enter its number, or 0 when you are finished: [0]
 +
 +
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] 1
 +
 +-------------------------------------------------------------------------------
 +
 +Choose the EventLog Analyzer Edition.
 +
 +[X] 1 - Standalone Edition
 +        Suitable for Small - Medium Business (SMB) requiring single installation.
 +        Analyze unlimited hosts/​applications with Premium features. Trail version
 +        valid for 30 days, beyond which it automatically becomes a Free Edition.
 +
 +[ ] 2 - Distributed Edition
 +        Suitable for Large Enterprise for high scalability. Includes all Premium
 +        features plus distribution capability. Provision for the multiple
 +        installations of EventLog Analyzer and provides consolidated view through
 +        Admin Server Web Console. Trial version expires in 30 days.
 +
 +To select an item enter its number, or 0 when you are finished: [0]
 +
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] 1
 +
 +-------------------------------------------------------------------------------
 + ​Install Location
 +
 +Please specify a directory or press Enter to accept the default directory.
 +
 +Directory Name: [/​root/​ManageEngine/​EventLog] /​opt/​ManageEngine/​EventLog
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
 +
 +-------------------------------------------------------------------------------
 +Enter the EventLog Analyzer Web Server Port [8400]
 +
 +
 +EventLog Analyzer uses 8400 as the default web server port. If you want to run
 +it on a different port please specify the same here.
 +
 +Select the language to localize
 +
 +[X] 1 - English
 +[ ] 2 - Japanese
 +[ ] 3 - Simplified Chinese
 +[ ] 4 - Traditional Chinese
 +[ ] 5 - Other
 +
 +To select an item enter its number, or 0 when you are finished: [0]
 +
 +
 +Note : Please ensure that the Browser settings supports the language chosen.
 +
 +Select the Web Protocol
 +
 +[X] 1 - http
 +[ ] 2 - https
 +
 +To select an item enter its number, or 0 when you are finished: [0]
 +
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
 +
 +-------------------------------------------------------------------------------
 +Please select the checkbox if the product is to be installed as a service
 +
 +[ ] 1 - Install EventLog Analyzer as Service
 +
 +To select an item enter its number, or 0 when you are finished: [0] 1
 +
 +
 +[X] 1 - Install EventLog Analyzer as Service
 +
 +To select an item enter its number, or 0 when you are finished: [0]
 +
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
 +
 +Enabling Components ...
 +
 +Preparing Summary ..
 +
 +-------------------------------------------------------------------------------
 +
 + ​Details of Installation
 +
 +Installation Directory : /​opt/​ManageEngine/​EventLog. Selected Category : .
 +Product Size : 100.9MB. Install as Service : True.
 +
 +Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]
 +
 +Installing . Please wait...
 +
 +
 +|-----------|-----------|-----------|------------|
 +0%         ​25% ​        ​50% ​        ​75% ​       100%
 +||||||||||||||||||||||||||||||||||||||||||||||||||
 +
 +Creating uninstaller...
 +
 +
 +Extracting Files. This will take a few minutes. Please wait...
 +
 +-------------------------------------------------------------------------------
 +The InstallShield Wizard has successfully installed .
 +Choose Finish to exit the wizard.Technical support: eventlog-support@manageengine.com
 +Press 3 to Finish or 4 to Redisplay [3]
 +</​code>​
 +
 += Starting Eventlog Analyzer =
 +<​code>​
 +[root@syslog bin]# ./run.sh
 +================================================================================
 +
 +  JBoss Bootstrap Environment
 +
 +  JBOSS_HOME: /​opt/​ManageEngine/​EventLog
 +
 +  JAVA: /​opt/​ManageEngine/​EventLog/​bin/​..//​jre/​bin/​java
 +
 +  JAVA_OPTS: -Djava.awt.headless=true -Duser.country=US -Duser.language=en -Djava.library.path=../​lib:​../​lib/​native -Xms256m -Xmx512m -Xms256m -Xmx512m -Dprogram.name=run.sh -Djboss.server.type=com.adventnet.j2ee.deployment.system.AdventNetServerImpl -Djboss.deploy.localcopy=true -Djboss.boot.library.list=log4j-boot.jar,​jboss-common.jar,​jboss-system.jar,​AdventNetDeploymentSystem.jar,​commons-logging.jar -Ddb.home=/​opt/​ManageEngine/​EventLog/​bin/​..//​mysql -Dorg.jboss.logging.Log4jService.catchSystemOut=false -Dorg.jboss.logging.Log4jService.catchSystemErr=false -Djava.util.logging.manager=com.adventnet.logging.LogManager -Djava.util.logging.config.file=/​opt/​ManageEngine/​EventLog/​server/​default/​conf/​logging.xml -Djava.util.logging.config.class=com.adventnet.logging.LoggingScanner -Dlog.dir=/​opt/​ManageEngine/​EventLog/​server/​default -Dtier-type=BE -Dtier-id=BE1 -DContext=event -DminDiskSpace=5 -DpdfCRCount=500 -DpdfRCount=1000 -DpdfCVCount=20000 -DsysPort=5000 -DevtPort=5001 -DorclPort=5002 -DbaudRate=9600 -DDBType=mysql
 +
 +  CLASSPATH: /​opt/​ManageEngine/​EventLog/​lib/​run.jar:/​opt/​ManageEngine/​EventLog/​bin/​..//​jre/​lib/​tools.jar:/​opt/​ManageEngine/​EventLog/​lib/​AdventNetLogging.jar:/​opt/​ManageEngine/​EventLog/​lib/​AdventNetNPrevalent.jar:/​opt/​ManageEngine/​EventLog/​lib/​AdventNetUpdateManagerInstaller.jar:/​opt/​ManageEngine/​EventLog/​server/​default/​lib/​jtds-1.2.jar:/​opt/​ManageEngine/​EventLog/​lib/​
 +
 +================================================================================
 +
 +ServerContainer ​                                  ​[CREATED]
 +LogAnalyzer ​                                      ​[CREATED]
 +EventLogAnalyzer ​                                 [CREATED]
 +ServerContainer ​                                  ​[STARTED]
 +LogAnalyzer ​                                      ​[STARTED]
 +EventLogAnalyzer ​                                 [STARTED]
 +
 +Server Started.
 +Please connect your client at http://​localhost:​8400
 +</​code>​
 +
 +If everything is configured correctly go to http://​syslog:​8400 and you will be able to log in using the standard credentials of admin/​admin. If the portal is not available you'll probably have to check your firewall settings.
 +
 += Firewall Configuration =
 +
 +To open the port 8400 follow these steps:
 +
 +Open the firewall configuration tool using this command:
 +<​code>​
 +[root@syslog ~]# system-config-firewall-tui
 +</​code>​
 +and follow these steps:
 +* Select Customize
 +* Select Forward
 +* Select Add
 +** As port enter "​8400"​
 +** As protocol enter "​tcp"​ (case sensitive)
 +* Select OP, Close and OK and finally Yes to submit the changes to the firewall configuration. ​
 +
 +> Note: Perform the above steps also for port 514, udp to allow servers to send their syslog messages to this host
 +
 +When done check your configuration by querying the firewall status:
 +<​code>​
 +[root@syslog ~]# service iptables status
 +Table: filter
 +Chain INPUT (policy ACCEPT)
 +num  target ​    prot opt source ​              ​destination
 +1    ACCEPT ​    ​all ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          state RELATED,​ESTABLISHED
 +2    ACCEPT ​    icmp --  0.0.0.0/​0 ​           0.0.0.0/0
 +3    ACCEPT ​    ​all ​ --  0.0.0.0/​0 ​           0.0.0.0/0
 +4    ACCEPT ​    ​tcp ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          state NEW tcp dpt:22
 +5    ACCEPT ​    ​tcp ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          state NEW tcp dpt:8400
 +6    ACCEPT ​    ​udp ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          state NEW udp dpt:514
 +7    REJECT ​    ​all ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          ​reject-with icmp-host-prohibited
 +
 +Chain FORWARD (policy ACCEPT)
 +num  target ​    prot opt source ​              ​destination
 +1    REJECT ​    ​all ​ --  0.0.0.0/​0 ​           0.0.0.0/​0 ​          ​reject-with icmp-host-prohibited
 +
 +Chain OUTPUT (policy ACCEPT)
 +num  target ​    prot opt source ​              ​destination
 +</​code>​
 +As you can see in rule 5, tcp to destination port 8400 is allowed now. 
 +
 += Shutdown Eventlog Analyzer =
 +To shutdown eventlog analyzer run this command:
 +<​code>​
 +[root@syslog ~]# cd /​opt/​ManageEngine/​EventLog/​bin/​
 +[root@syslog bin]# ./​shutdown.sh
 +Shutdown message has been posted to the server.
 +Server shutdown may take a while - check logfiles for completion
 +</​code>​
 +
 += Start Eventlog Analyzer as a Service =
 +[root@syslog bin]# /​etc/​init.d/​eventloganalyzer start
 +
 +Make sure eventloganalyzer start at reboot:
 +* Check what runlevel is the default (and running now):
 +** who -r
 +<​code>​
 +run-level 3  2012-01-16 10:52
 +</​code>​
 +* Go to /​etc/​init.d/​rc/​d/​rc3.d
 +* Create kill and start links to /​etc/​init.d/​eventloganalyzer:​
 +** ln -s ../​init.d/​eventloganalyzer K01eventloganalyzer
 +** ln -s ../​init.d/​eventloganalyzer S99eventloganalyzer
 +Dit geeft:
 +<​code>​
 +lrwxrwxrwx. 1 root root 26 Jan 16 11:57 K01eventloganalyzer -> ../​init.d/​eventloganalyzer
 +lrwxrwxrwx. 1 root root 26 Jan 16 11:57 S99eventloganalyzer -> ../​init.d/​eventloganalyzer
 +</​code>​
 +
 += EventLog Analyzer Post Installation =
 +After logging in configure the following settings according to your needs:
 +* Change the admin password and email: see password database
 +* Configure the mail server: <ip address mail server>
 +* Change the number of days data is kept: 92 days
 +* Upgrade the license from evaluation to commercial
 +
 +Add these lines to the /​etc/​rsyslog.conf:​
 +<​code>​
 +# Added for eventlog analyzer to work
 +*.* @syslog
 +</​code>​
 +And restart the syslog service:
 +<​code>​
 +[root@syslog etc]# service rsyslog restart
 +Shutting down system logger: ​                              ​[ ​ OK  ]
 +Starting system logger: ​                                   [  OK  ]
 +</​code>​
 +
 +{{tag>​linux syslog}}
manageengineeventloganalyzerinstallation.txt ยท Last modified: 2013/04/21 20:17 by sjoerd