Echofish is a freeware, open source tool which provides the capability to monitor your system logs using your web browser and in an easy to understand format. Log file analysis is not an easy task, especially if you have to do it on daily basis. You have to go through a lot of log files on the daily basis to identify and resolve system problems. Echofish can make your life lot easier, it provides an easy to use web interface and all logs are available real-time in that interface. You can also view the archived system logs. It provides you a web-based interface to filter and whitelist logs. It provides detailed reports and alerts and you can use this utility to better monitor and improve your IT infrastructure. It is developed in PHP and MariaDB and uses Apache web server on the front end. In this article, we will learn the process to setup this tool on Ubuntu 16.04 system. The same set of instructions should work for any older or newer versions of Ubuntu and Debian based systems.
Installing Pre-requisites for Echofish
As already mentioned in the introductory paragraph, it needs apache, PHP and MariaDB. Let's get started on installing such required software so that our Ubuntu system should be ready to host Echofish. Run the following command to install apache web server on Ubuntu.
sudo apt-get install apache2
It will immediately install the apache2 and will start its service/daemon process as well. You can launch your system browser and load http://localhost to make sure web server is running fine. You should see the default apache-ubuntu page by browsing the mentioned URL.
Now run the following command to install MariaDB component. During the installation process, it will ask you to set MariaDB root password too, please note down the password you set here as it will be needed during the installation of Echofish.
sudo apt install php5-mysql mariadb-server mariadb-client
Alright, web server and Database server have been installed now, we will install PHP by using the following command (Echofish works great with PHP 5).
sudo apt install php5 libapache2-mod-php5 php5-mysql php5-gd
That's it, restart both services once and our system is all set to host Echofish.
sudo service apache2 restart sudo service mariadb restart
How to Install Echofish on Ubuntu 16.04
First of all, go into your system's webroot ( default apache document root is /var/www/html) and download the latest Echofish release here by using the following command.
cd /var/www/html/ wget https://github.com/echothrust/echofish/archive/master.tar.gz
Unzip/Extract this downloaded file using the following command.
tar xvf master.tar.gz
Rename the extracted directory and go into it.
mv echofish-master echofish cd echofish
We need to create database and setup database user at this point. Login MariaDB console using the root password you set earlier and run the following three commands in order there. It will create an empty Echofish database, it's respective user account and setup proper rights. In the following command, replace "Your-Pass" with the password you wish to use for Echofish DB user.
CREATE DATABASE ETS_echofish CHARACTER SET utf8 COLLATE utf8_unicode_ci; GRANT ALL PRIVILEGES ON ETS_echofish.* TO 'echofish'@'127.0.0.1' IDENTIFIED BY 'Your-Pass' WITH GRANT OPTION; FLUSH PRIVILEGES;
The following screenshot should further clarify the above-mentioned process.
Alright, now run the following commands on your system terminal by staying in the "echofish" directory. These commands will import tables into the Echofish database and will do all required changes in database tables.
mysql -u root -p ETS_echofish < schema/00_echofish-schema.sql mysql -u root -p ETS_echofish < schema/echofish-dataonly.sql mysql -u root -p ETS_echofish < schema/echofish-functions.sql mysql -u root -p ETS_echofish < schema/echofish-procedures.mariadb10.sql mysql -u root -p ETS_echofish < schema/echofish-triggers.sql mysql -u root -p ETS_echofish < schema/echofish-events.sql
The database part is done, now we need to make some minor changes in web files for Echofish to start working. First of all, run following command to create a configuration file.
cp htdocs/protected/config/db-sample.php htdocs/protected/config/db.php
Edit the above-mentioned file using your favorite text editor, we used Gedit to edit the file, specify your Echofish Database username and password here.
Save the file and launch http://Your-System-IP/echofish/htdocs/index.php in the web browser, replace "Your-System-IP" with your actual IP address of the Ubuntu system. Here is what you should be seeing.
Congratulations! Echofish has been successfully installed on your system now. The default username and password for Echofish interface are as follows:
admin / admin
Login and you will be taken to a very easy to use web based interface.
Click "Syslog Module" option to view and add new modules. The "Syslog" menu will let you see all current and old logs, you can see detailed reports of logs under "Statistics" menu. You can add alerts to whitelist by clicking Lists > whitelist option. "Settings" menu will let you enable, disable hosts and configuration settings for logs.
It is a pretty awesome tool and must-have for system administrators. It is not a resource hungry application, it hardly takes any amount of system memory. If your systems are generating extensive logging, then its database size might grow. Since it is using MariaDB database management system, so it works in the most optimized way possible. It is a feature rich application and works flawlessly on all flavors of Linux operating systems. Try it today and get rid of command line log monitoring.