Wednesday, February 5, 2014

Installing central syslog using rsyslog and LogAnalyzer on CentOS 6.x


## important installing gd gd-devel php-gd allows you to see nice graphs in loganalyzer
yum install httpd php mysql php-mysql mysql-server wget rsyslog rsyslog-mysql gd gd-devel php-gd -y

add services to start for runlevels 2,3,4,5

for x in httpd mysqld ; do chkconfig $x on; done

## start httpd
service  httpd start

## change mySQL root pass
## first start mySQL service
service mysqld start

/usr/bin/mysqladmin -u root password 'yourpass';

## prepare mySQL db for rsyslog
## you can find out correct location using:
rpm -ql rsyslog-mysql-5.8.10-8.el6.x86_64
/lib64/rsyslog/ommysql.so
/usr/share/doc/rsyslog-mysql-5.8.10
/usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql

therefore in my case:
vi /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql
and edit top 2 lines to reflect that you actually using rsyslog ( default is syslog):

CREATE DATABASE rsyslogdb;
USE rsyslogdb;

## create actual DB
mysql -u root -p < /usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql

## create mySQL db user for specifically for LogAnalyzer and rsyslog.
mysql -u root -p mysql
mysql> GRANT ALL ON rsyslogdb.* TO rsyslog@localhost IDENTIFIED BY 'Password';
mysql> flush privileges;
mysql> exit

## Now we have to edit rsyslog configuration file. I wanted to log all messages to MySQL
## so I would specify *.*. I have instructed rsyslog to log to MySQL running on 127.0.0.1,
## rsyslogdb is the name of the MySQL database, and I have specified MySQL rsyslog username and password.
##Also, I have added AllowedSender directive, this will make sure that rsyslog accepts logs form the clients
## on UDP as well as TCP port 514. Make sure your rsyslog.conf has following lines.

# vi /etc/rsyslog.conf

#### MODULES ####

$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability

$ModLoad ommysql
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
$ModLoad ommail

$ModLoad ommysql
*.* :ommysql:127.0.0.1,rsyslogdb,rsyslog,Password
$AllowedSender UDP, 127.0.0.1, 192.168.1.0/24
$AllowedSender TCP, 127.0.0.1, 192.168.1.0/24
##

### make sure to adjust AllowedSender in /etc/rsyslog.conf to match your network
$AllowedSender UDP, 127.0.0.1, 192.168.3.0/24, xxx.xxx.xxx.0/24
$AllowedSender TCP, 127.0.0.1, 192.168.3.0/24, xxx.xxx.xxx.0/24

## Install LogAnalyzer from http://loganalyzer.adiscon.com/downloads
wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.5.tar.gz
tar -zxvf loganalyzer-3.6.5.tar.gz
cp -rp loganalyzer-3.6.5/src /var/www/html/loganalyzer
cp -rp loganalyzer-3.6.5/contrib/* /var/www/html/loganalyzer/
cd /var/www/html/loganalyzer

## Move to the loganalyzer directory, modify the file permissions of the following 2 files, and run
## the configure.sh script. This will create a blank config.php file.

cd /var/www/html/loganalyzer
chmod u+x configure.sh secure.sh
./configure.sh
## create database and user for loganalyzer
mysqladmin  create loganalyzerdb -p
GRANT ALL ON loganalyzerdb.* TO loganalyzer@localhost IDENTIFIED BY 'Password';
Query OK, 0 rows affected (0.00 sec)
flush privileges;
Query OK, 0 rows affected (0.00 sec)

## this is create 0 bytes config.php  this is intentional as config will be done via browser
##Open your web browser and point it to http://Ip-Address/loganalyzer

#follow steps as per screen instructions
# I have included 2 main print screens you need pay attention to.







##Open iptable for UDP and TCP port 514. Open the iptables file and add following rules to it.
# vi /etc/sysconfig/iptables and add the following:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 514 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
## restart iptables service
service iptables restart


#Configure clients for Remote Logging
## on the client host ( assuming you have rsyslogd installed)
vi /etc/rsyslog.conf
*.* @@192.168.3.4
service rsyslog restart

## Now it's good time to restart rsyslog central server as well
service rsyslog restart




Saturday, August 10, 2013

How to redirect in Glassfish server 3.x

 URL Redirection Within a Domain
You can use the url-prefix element of the redirect_ property to forward a URL to another URL in the same domain.
The following procedure shows how to enable visitors to a web site to type inhttp://www.mywebsite.com/myproduct1 and be redirected or forwarded tohttp://www.mywebsite.com/mywarname/products/myproduct1.jsp.
1.    Log in to the Admin Console of Sun Java System Application Server or GlassFish.
2.    In the Admin Console, expand the Configurations node.
3.    Expand the server-config node.
Ignore this step if you are running a developer domain (a domain that does not have clustering capability).
4.    Expand HTTP Service.
5.    Expand Virtual Servers.
6.    Click server.
7.    On the Edit Virtual Server page, click the Add Property button.
8.    In the Name column, type redirect_1.
9.    If you are using Application Server 9.0, type from=/<context-root>/myproduct1 url-prefix=/mywarname/mypages/products/myproduct1.jsp in the Value column.
Note - The value of the <context-root> you provide here needs to match the value of the context root specified in the web.xml or application.xml file.
If you are using Application Server 9.1, type from=/myproduct1 url-prefix=/mywarname/mypages/products/myproduct1.jsp in the Value column.


My example was redirect from /test to somesite.com/app1

<property name="redirect_1" value="from=/test url-prefix=http://somesite.com/app1"/>



Monday, May 6, 2013

couldn't add command channel 127.0.0.1#953: address in use

Spent sometime around this error using chroot bind 9.x
couldn't add command channel 127.0.0.1#953: address in use

 Guys, assuming your bind config is correct - this error is related to service "portserve" running and using this port!
ps -ef|grep portreserve|grep -v grep
root      1349     1  0 May06 ?        00:00:00 /sbin/portreserve

stop the service and disable from startup:

service portreserve stop
Stopping portreserve: [  OK  ]
[root@WNS3 etc]# chkconfig portreserve off

Friday, April 26, 2013

Installing Apex Listener 2.x

In this example i am installing Oracle Apex Listener 2.x and integrating into Glassfish 3.2.
 This article only covers installing listener  correctly so when you deploy it into Glassfish it works properly.

( in some of my attempts I kept getting java.lang.IllegalStateException: PWC3990: getWriter() has already been called for this response) errors.

Assuming you already have Oracle Apex installed.


1. as user oracle create directory apex_listener
2. cd apex_listener and download apex_listener.2.0.1.64.14.25.zip
3. unzip apex_listener.2.0.1.64.14.25.zip
## setup configdir
4.java -jar apex.war configdir /home/oracle/apex_listener
[host$ java -jar apex.war configdir /home/oracle/apex_listener
Apr 26, 2013 2:39:52 PM oracle.dbtools.common.config.cmds.ConfigDir execute
INFO: Set config.dir to /home/oracle/apex_listener in: /home/oracle/apex_listener/apex.war

## configure database connection properties
5.java -jar apex.war setup
Apr 26, 2013 2:40:28 PM oracle.dbtools.common.config.file.ConfigurationFolder logConfigFolder
INFO: Using configuration folder: /home/oracle/apex_listener/apex
Enter the name of the database server [localhost]: myhost.com

Enter the database listen port [1521]:1521
Enter 1 to specify the database service name, or 2 to specify the database SID [1]:2
Enter the database SID [xe]:SID-NAME
Enter the database user name [APEX_PUBLIC_USER]:
Enter the database password for APEX_PUBLIC_USER:
Confirm password:
Enter 1 to enter passwords for the RESTful Services database users (APEX_LISTENER,APEX_REST_PUBLIC_USER), 2 to use the same password as used for APEX_PUBLIC_USER or, 3 to skip this step [1]:2
Apr 26, 2013 2:41:12 PM oracle.dbtools.common.config.file.ConfigurationFiles update
INFO: Updated configurations: defaults, apex, apex_al, apex_rt

6. Log in to Glassfish server and deploy newly created apex.war file

Once deployed you can access your Apex page via Glassfish.
 usually:  http://myhost.com/apex

Tuesday, November 20, 2012

VSFTPD logging incorrect timestamp

Bumped into wrong time stamp in xferlog today.
 for some reason vsftpd has timezone of it's own & does not follow OS timezone... This is in RHEL 5.8 & vsftpd-2.0.5-24.el5_8.1

fix:
 To change the logging to use the local server time, set the following in /etc/vsftpd.conf and restart VSFTPD.
use_localtime=YES

service vsftpd restart

Monday, November 12, 2012

Luns policy round robin esxi


This article describes how to set policy for path selection to Round Robin ( default is Fixed) via command line. Doing it via Vsphere GUI could be quite time consumiung :)

  tested on Esxi 4.1.0 #1 SMP Release build-348481


1.       To generate the luns file in /tmp
1a. create file esxihosts with host names e.g.
Host1
Host2
Host3


for x in `cat esxihosts `; do echo --------------$x------------; ssh $x "esxcfg-mpath -b | grep ^naa | awk '{print $1}' > /tmp/luns "; done

2.       Copy script to all hosts in the cluster:
for x in `cat esxihosts `; do scp setroundrobin  $x:/tmp/; done

Script is:
cat setroundrobin

#!/bin/sh
#
# To generate the luns file in /tmp
#
# esxcfg-mpath -b | grep ^naa | awk '{print $1}' > /tmp/luns
#
# NOTE: remove the internal disk from the luns file first
#

luns=/tmp/luns

for i in `cat $luns`
do
   echo $i
   esxcli nmp device setpolicy --device $i --psp VMW_PSP_RR
   sleep 3
done

exit 0

3.       Execute the script on all hosts:
for x in `cat esxihosts `; do echo --------------$x------------; ssh $x " sh /tmp/setroundrobin"; done

Tuesday, November 6, 2012

Installing Glassfish server on Linux

Installing Glassfish server on Linux

1. Install SDK http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1637583.html

In my case I downloaded rpm : jdk-7u5-linux-x64.rpm

Let’s set global JAVA_HOME

vi /etc/profile and add :

JAVA_HOME=/usr/local/java; export JAVA_HOME

/usr/local/java is the location where java sdk will be installed.

Let’s get to it:
rpm -ihv jdk-7u5-linux-x64.rpm

Preparing…                ########################################### [100%]

1:jdk                    ########################################### [100%]

Unpacking JAR files…

rt.jar…

jsse.jar…

charsets.jar…

tools.jar…

localedata.jar…

This installs it into: /usr/java/jdk1.7.0_05 ? You can check where files are with the commands:

rpm -ql jdk-1.7.0_05-fcs.x86_64|more


In rhel/fedora you can either remove dummy java symlink or point to your actual install. I am talking about:

/etc/alternatives/java

ls -la /etc/alternatives/java
lrwxrwxrwx 1 root root 46 2011-09-05 18:46 /etc/alternatives/java -> /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java
rm /etc/alternatives/java
rm: remove symbolic link `/etc/alternatives/java’? y
ln -s /usr/java/jdk1.7.0_05/bin/java /etc/alternatives/java
ls -la /etc/alternatives/java
lrwxrwxrwx 1 root root 30 2012-06-13 10:45 /etc/alternatives/java -> /usr/java/jdk1.7.0_05/bin/java
java -version
java version “1.7.0_05?

Java(TM) SE Runtime Environment (build 1.7.0_05-b05)

Java HotSpot(TM) 64-Bit Server VM (build 23.1-b03, mixed mode)

Let’s take care of symlink for our JAVA_HOME
ln -s /usr/java/jdk1.7.0_05 /usr/local/java
ls -la /usr/local/java
lrwxrwxrwx 1 root root 21 2012-06-13 10:44 /usr/local/java -> /usr/java/jdk1.7.0_05

2. Download glassfish server for Linux:

chmod +x ogs-3.1.2-unix.sh

*Please note* if you are planning to bind to ports < 1024 you need to run it as root, otherwise any local/Kerberos user is fine. There’s also a workaround to “bind” to port 80. You can contact me for more info.

sh ./ogs-3.1.2-unix.sh

Unfortunterally, by default it requires X windows. There are command line options available too, however I do have vnc and this is the method I chose to install. You would have to vnc as oracle into your server. You can check my Enabling VNC server on Linux as 1,2,3 quick guide.

Once GUI opens up just follow on-screen instructions
Glassfish is installed in : /usr/local/glassfish3

I created stop and start scripts:

cat stop.sh

bin/asadmin stop-domain domain1
cat start.sh

nohup bin/asadmin start-domain –verbose &

At this point you can launch firefox locally and point your browser to:
http://localhost:4848