How to set up WinSyslog and Adiscon LogAnalyzer using a MYSQL Database.
Article created 2008-07-04 by Andre Lorbach.
Last edited 2011-09-02 by Florian Riedl.
This article will guide you through setting up WinSyslog and Adiscon LogAnalyzer using
a MYSQL database as data source on Windows. This article can also be applied to
EventReporter and MonitorWare Agent if you want to view EventLog messages with
LogAnalyzer rather than Syslog messages. However, I will focus on viewing Syslog
messages in this article.
You can download a preconfigured configuration from here, which you can import
on your target system. The configuration sample will have comments for
better understanding. The WinSyslog Client can import the XML/REG configuration
file by using the "Computer Menu".
Receiving Syslog messages is good, storing Syslog messages is better, but
viewing, searching and filtering them is even better ;)! Receiving and storing
can be easily achieved with WinSyslog, but to do things like searching and
filtering, LogAnalyzer is needed.
LogAnalyzer is a separate open source project from Adiscon which integrates into
our monitoring suite.
1. Requirements
1.1 About the requirements
1.2 Installing and configuring WAMP
1.3 Installing MYSQL ODBC Connector
2. Installing and configuring WinSyslog
2.1 Download and Install WinSyslog
2.2 Setup Basics in WinSyslog
2.3 Create the Database Action in WinSyslog
2.4 Starting WinSyslog and verifying the configuration
3. Install and Setup LogAnalyzer
3.1 Download and copy LogAnalyzer to the right location
3.2 Install LogAnalyzer
Final Thoughts
If you already have a web server with PHP support and MYSQL Server running, you
can skip step 1.1 and 1.2.
So in order to setup LogAnalyzer later, you will need a web server with PHP support
and a MYSQL Server with an administration interface. For these tasks, we
recommend the following open source applications:
You can install and configure all these applications separately, but it is much
easier to get WAMP for Windows. WAMP means Apache, MYSQL, PHP on Windows and combines
all applications with a default configuration which can be used out of the box.
So you do not need to worry about the Apache or MYSQL configuration, you just
install WAMP first.
Download the latest WAMP Version from here:
http://www.en.wampserver.com/
After you have downloaded WAMP, start the installation and follow the
instructions. Make sure you do not have a web server or MYSQL Server already
installed because this could result in conflicts.
I will use the default installation location in this article which is C:\wamp.
Once the Installation is finished, a new Icon will appear in the Windows
Icon tray. Click it, and choose "Localhost" from the menu to confirm that
the installation was performed successfully. If it was, you should see a
website looking like this.
To check if your MYSQL is running, click on the phpMyAdmin Menu button in
the WAMP Menu, and login with the username "root" and no password - if you
are asked for a login.
WinSyslog will need a MYSQL ODBC driver in a later step in order to write into
the MYSQL database. These drivers have to be downloaded and installed separately
from here:
http://dev.mysql.com/downloads/connector
If your Windows System is an x64 version, it is important to install the x64
Version of the MySQL Connector driver. As the WinSyslog Service runs as a 64-bit
application itself, it will need the connector to be 64-bit as well.
So if you haven't done so already, go to www.winsyslog.com and download
the latest WinSyslog Version. It is always recommended to use the latest
Version of WinSyslog. Once the download is done, go ahead and install
it. You may have to restart after installation; this depends on your System.
Start the WinSyslog Client, you will see the default configuration. Change the
configuration of the Default Syslog Listener to your needs, or create new Syslog
Services. Once you have done this, you can go to the next step.
Click on your WAMP Icon, and open the phpMyAdmin. Now Create a new database
called "WinSyslog". Do not add any tables yet, this will be done
by the WinSyslog Client in the next step.
Get back to the WinSyslog Client and create a new Rule in your default RuleSet
called "Database". Then add a new "Write to Database" Action, and
name it "MYSQL ODBC" for example. After adding the new action, you should be
automatically taken to the action's properties.
Click on the "Data Sources (ODBC)" button to open the System ODBC
Administrator. Click on the "System DSN" Tab and add a new Datasource,
select "MySQL ODBC 5.1 Driver" as driver. It is important to add a System
DSN rather than a User DSN, because User DSNs will not be available for the
WinSyslog Service.
Name the new datasource "winsyslog" and use "localhost" as Server, "root" as
username and no password. Then you are able to select the database which we
created before called "WinSyslog".
Enter the DSN and User-ID into the Database Action configuration form. Then
click on the "Create Database" button to initially create the
needed tables. Don't forget to choose "MySQL" as database in the new
window. Then click on the Create button to add the tables into your
database.
Note for x64 systems: this will not work here, because the
Client is actually a 32-bit application and cannot access 64-bit ODBC
data sources. To work around the problem, please do the following:
- Copy the content of this text field into your clipboard:
- Now open phpMyAdmin, select the database "winsyslog" and click on
the SQL Tab and insert the SQL commands from your clipboard.
- Then Click "GO", you should see "Your SQL query has been executed
successfully" after that as well as two new tables on the left list
called systemevents and systemeventsproperties.
Check the database logging action again, it should look like in the
screenshot.
From the WinSyslog configuration point of view, everything is set up now. So
kindly start the WinSyslog Service. If you do not have any Syslog devices
sending messages to your WinSyslog setup already, use the "Tools->Send Syslog
Test Message" function to test the configuration.
Switch back to phpMyAdmin and browse through the systemevents table. You
should see at least one data record in this table now, like in the
screenshot sample.
Otherwise, please check the Windows Application EventLog for possible error
reports from WinSyslog.
If you are using WinSyslog 8.3 or higher, a proper version of LogAnalyzer
can be found in the WinSyslog installation folder. If you are using an older
Version of WinSyslog, I recommend downloading the latest stable or beta build
from here:
http://loganalyzer.adiscon.com/downloads
In this article I will use LogAnalyzer Version 3.2.1.
You may need to download and install third party software like
WinRAR to unpack the downloaded LogAnalyzer tar.gz file.
Open the Windows Explorer and go to the www folder of your Apache web server,
which is the folder where you can place html/php files. By default this will be
"C:\wamp\www" if you have installed WAMP into the default installation folder.
Create a new folder called loganalyzer there.
Once you have downloaded and unpacked LogAnalyzer, copy or move the content of the
src folder into the C:\wamp\www\loganalyzer folder.
The explorer window should look like the screenshot now.
Open this link to start the LogAnalyzer installation: http://localhost/loganalyzer/
If you do not see a page like in the screenshot, something went wrong in the
steps before, please check them in this case.
Otherwise click on the text-link "here" on LogAnalyzer's
error page to start its installation routine.
Follow the installation steps of LogAnalyzer.
I recommend choosing "Enable User Database" in Step 3, as this
will give you an advanced admin control panel. The User Database requires a
MYSQL database to work; you can use the same one as you are using for
EventReporter.
Follow the first steps in the installation of LogAnalyzer. Once you reach Step
7, switch the source type to "MYSQL Native" and name the Source "WinSyslog
Database".
Use "WinSyslog" as Database Name and "root" as Database User. Leave the
other configuration variables as they are; see the screenshot for how it
should look.
Then click on the Next button to finish the installation.
After clicking on the Finish link, you should see a working LogAnalyzer
installation using the MYSQL Server as data source. If you do not see any
data, there may be no data in your database yet. Otherwise you will see an
error code and message from LogAnalyzer.

I hope this article will help you install and configure LogAnalyzer and
WinSyslog. Note that this can also be achieved with EventReporter and
MonitorWare Agent, and used for Event Log analysis. If you have problems or
questions related to this article, don't hesitate to contact me or our support
by email.
Please note that while this setup works, it is not very secure. At a minimum, it
is recommended to set proper passwords for the databases (instead of using a
password-less root account). Please review the relevant documentation on how to
do that.
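One way to act on that recommendation, shown as an added example that is not part of the original article or of Adiscon's documentation: give root a password and replace it in the ODBC DSN and in LogAnalyzer with two narrowly scoped accounts. The account names and placeholder passwords are assumptions, as is the premise that WinSyslog only needs INSERT and the LogAnalyzer log source only needs SELECT.

```sql
-- Added example; account names and passwords below are placeholders (assumptions).
-- Run as root in the phpMyAdmin SQL tab AFTER the "Create Database" step, because
-- creating the tables needs more privileges than the accounts defined here have.

-- 1. Give root a password (syntax for MySQL 5.7.6 and later).
ALTER USER 'root'@'localhost' IDENTIFIED BY 'CHANGE_ME_root';
-- On MySQL 5.5 / 5.6 use this form instead:
--   SET PASSWORD FOR 'root'@'localhost' = PASSWORD('CHANGE_ME_root');

-- 2. Writer account for the WinSyslog "Write to Database" action.
--    Assumption: the action only inserts rows into the two tables it created.
CREATE USER 'winsyslog_writer'@'localhost' IDENTIFIED BY 'CHANGE_ME_writer';
GRANT INSERT ON `WinSyslog`.`systemevents`
    TO 'winsyslog_writer'@'localhost';
GRANT INSERT ON `WinSyslog`.`systemeventsproperties`
    TO 'winsyslog_writer'@'localhost';

-- 3. Read-only account for the LogAnalyzer "MYSQL Native" source.
--    Assumption: viewing, searching and filtering only read the log tables.
--    If "Enable User Database" points at this same database, LogAnalyzer also
--    needs write access to its own tables, which this grant does not give.
CREATE USER 'loganalyzer_ro'@'localhost' IDENTIFIED BY 'CHANGE_ME_reader';
GRANT SELECT ON `WinSyslog`.* TO 'loganalyzer_ro'@'localhost';

-- 4. Review what each account can do; neither should list ALL PRIVILEGES,
--    GRANT OPTION, or anything outside the WinSyslog database.
SHOW GRANTS FOR 'winsyslog_writer'@'localhost';
SHOW GRANTS FOR 'loganalyzer_ro'@'localhost';
```

Afterwards, enter the writer account in the "winsyslog" System DSN and the Database Action, and the reader account as Database User in the LogAnalyzer source, then send a Syslog test message to confirm rows still arrive. If either application reports a permission error, widen that one grant rather than going back to root.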