Configure Rsyslog with MySQL on centos 6/7

When build application logging is very important to trace and monitor system. One of most common solution for logging is rsyslog. In default Rsyslog will store log to file, log data to file has some disadvantages compare with database especially when amount data is huge.

Rsyslog provide plugin to work with MySQL, or mongo dB for store log. In this post I will guide how to configure Rsyslog with MySQL to make center logging server on centos 6/7.

On this post I assume that your centos box already install rsyslog and mysql.

1. Install rsyslog-mysql plugin

We run below command to install rsyslog mysql plugin.

sudo yum install rsyslog-mysql

2. Create database for rsyslog and user

Rsyslog provide script to create database and tables to store log. Use this script to create database.

mysql –u root –p </usr/share/doc/rsyslog-mysql-5.8.10/createDB.sql

Now we already has a database name Syslog. We need create a user so that rsyslog can connect to mysql and use Syslog database (avoid using root user).

#mysql –u root –p
mysql> create user ‘syslog’@’localhost’ identified by ‘password_syslog’;
mysql> grant all on Syslog.* to ‘syslog’@’localhost’;
mysql> FLUSH PRIVILEGES;

3. Setup Rsyslog with mysql

Now we need edit rsyslog configuration to make it work with mysql.
We need change file rsyslog.conf, to do that run below command.

sudo vi rsyslog.conf

we add below lines

$ModLoad ommysql
*.*       :ommysql:localhost,Syslog,syslog,password_syslog

We restart rsyslog so it can apply new changes

service rsyslog restart

Now we’ve already finished configure rsyslog to work with MySql also

Tomcat – Disable JSESSIONID in URL

When doing Testing to cover PCI Requirement 6, i face with issue exposed session id  in url, so i write this guie to help other one sort down their time to fix this issue. To fix this issue we have some solutions depend on environment.

https://webapp.com/main.do;jsessionid=557206C363324F1267A24AB769CA0DE4529.node01

1.Tomcat 6

In tomcat 6 we can disable by using disableURLRewriting. We create context.xml file and put following lines and make sure cookie is enable

<?xml version='1.0' encoding='utf-8'?>
<Context docBase="PATH_TO_WEBAPP" path="/CONTEXT" disableURLRewriting="true">
</Context>

2 . Tomcat 7 or above

With Tomcat 7 or above we can add follow lines into web.xml

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

Or we can using programatic

servletContext.setSessionTrackingModes(EnumSet.of(SessionTrackingMode.COOKIE));