Assuming a 'destination clientlogs' like the one following.
If yours does not look like this adjust.
destination clientslogs { file("/green/log/ng/$HOST/$FACILITY/$YEAR$MONTH$DAY.log" owner(root) group(adm) perm(0644) dir_perm(0755) create_dirs(yes) ); };
If you don't have apache on this host install it.
If you are paranoid about security limit access to it with iptables.
For every host that we want to access logs through a web-site we create a virtual host. eg.
<VirtualHost 10.21.241.4:80> ServerAdmin systems@rocks.net DocumentRoot /green/log/ng/host-name/local0 ServerName host-name-log.ipduh.awmn ServerAlias host-name.log.ipduh.awmn ScriptAlias /cgi-bin2/ "/green/log/ng/host-name/local0" AddHandler cgi-script .do DirectoryIndex index.do index.html <Directory "/green/log/ng/host-name/local0"> AllowOverride None Options ExecCGI Order allow,deny Allow from all DirectoryIndex index.do index.html AuthType Basic AuthName "host-name" AuthUserFile /green/log/ng/host-name/passwd/passwd Require valid-user </Directory> ErrorLog "|/usr/sbin/rotatelogs /green/log/ng/host-name/local0/wwwlogs/error/host-name-error_log.%Y%m%d 86400" CustomLog "|/usr/sbin/rotatelogs /green/log/ng/host-name/local0/wwwlogs/access/host-name-access_log.%Y%m%d 86400" combined
Replace 'host-name' with the host name. Put the following script in /green/log/ng/host-name/local0/index.do
#!/usr/bin/perl
#g0 2013 simple web-interface to logs gathered by syslog-ng
use strict;
use warnings;
my $host='example';
my $sepoch=time();
opendir MYDIR, ".";
my @cont = readdir MYDIR;
closedir MYDIR;
print "Content-type: text/html\n\n";
print "<html><head><title>$host Logs Index</title>";
print <<TOPTOP;
<style>
.ipduh{ font-size:.6em;}
a.ipduh:link {color:#0000FF; text-decoration:none; }
a.ipduh:visited {color:#0000FF; text-decoration:none; }
a.ipduh:hover {color:#000000; text-decoration:underline; }
a.ipduh:active {color:#000000; text-decoration:underline; }
</style>
</head><body>
$host
<br/>
****************************************
<br/>
TOPTOP
my $file;
foreach $file (sort {$b <=> $a} (@cont)){
if($file ne ".." && $file ne "." && $file ne "wwwlogs" && $file ne "index.do" && $file ne "passwd" && $file ne '.index.do.swp' && $file ne 'stor' ){
print "<a href=./$file>$file</a><br />";
}
}
print<<TELOS;
<br/>
****************************************
<br/>
<a class="ipduh" title="epoch $sepoch" href=http://ipduh.com/epoch/?$sepoch>$sepoch</a>
<a class="ipduh" title="ipduh.com" href=http://ipduh.com>ipduh</a>
</html>
TELOS
That's it! easy!
Simple HTTP-web accessible syslog-ng Logs