Monitor Server Logs in Real-Time with ""

Saturday, October 5, 2019 is a small application build on Node.js and for monitoring real time Linux server logs through web interface.

On RHEL/CentOS 7

Install Epel repositories using the following command.

yum install

On RHEL/CentOS 6

--------------------- On RHEL/CentOS 6.x - 32 Bit ---------------------
yum install
--------------------- On RHEL/CentOS 6.x - 64 Bit ---------------------
yum install

After added the Epel repositories you can do a system upgrade by using following command line.

yum update

Now Install Node.js and NPM

Node.js is an open-source, cross-platform JavaScript run-time environment that executes JavaScript code server-side. Historically, JavaScript was used primarily for client-side scripting, in which scripts written in JavaScript are embedded in a webpage's HTML and run client-side by a JavaScript engine in the user's web browser. Node.js lets developers use JavaScript for server-side scripting—running scripts server-side to produce dynamic web page content before the page is sent to the user's web browser. Consequently, Node.js represents a "JavaScript everywhere" paradigm, unifying web application development around a single programming language, rather than different languages for server side and client side install the nodejs using following command line.

curl --silent --location | bash - 
yum install -y nodejs

Install and Configure Application application must be installed through NPM by specifying a valid local system user ( example - root) i recommend install this application through root user. now install the application using following command.

npm install -g --user "root"

after the completed installation the application will create a folder which is hidden the folder name is "" in centos 7 the folder path is below

cd /root/

after that you will see three file

harvester.conf, log_server.conf, web_server.conf  

Now it's time to configure to monitor local log files in real time.

- The harvester file is for watches the changes in specified local log files declared in its configuration and send new log to the server. - harvester.conf

First open the harvester.conf file, by default you will see have some setting the monitor Apache log 

nano harvester.conf

my harvester.conf file below

exports.config = {
    nodeName: "application_server",
    logStreams: {
      apache: [
      SecureLog: [
      MySqlLog: [
    server: {
      host: '',
      port: 28777
Note - if you don't want to send the harvester output to a remote server then open harvester.conf file and replace address with lookback address(
log_server.conf - This configuration is for tell the server on which ip address it should listen.By default it listens on all ip interfaces you can modify the ip address by using the following command 
my log_server.conf file below
nano log_server.conf
exports.config = {
  host: '',
  port: 28777

web_server.conf - This configuration file is for web interface. by default the web portal is accessible on port 28778(all interface). Also using this file you can increase the security by using HTTP authentication,securing the web interface with SSL, disallow logs from specific ip address and restricting the web interface access to the specific ip. 

my web_server.conf file below

nano web_server.conf
 exports.config = {
  host: '',
  port: 28778,

  // Enable HTTP Basic Authentication
  auth: {
    user: "hackthesec",
    pass: "1234346"

  // Enable HTTPS/SSL
  ssl: {
    key: '/path/to/privatekey.pem',
    cert: '/path/to/certificate.pem'

  // Restrict access to websocket (
  // Uses 'origins' syntax
  restrictSocket: '*:*',

  // Restrict access to http server (express)
  restrictHTTP: [

Allow web interface and in the firewall for receiving the logs from the harvester.
firewall-cmd --add-port=28778/tcp --permanent
firewall-cmd --add-port=28777/tcp --permanent
firewall-cmd --reload

Start Application using following command line 

------ First start server in background ---- &
--- Start log harvester in background ----- & 

After the server has been started open your browser and hit enter with your ip and the declared  port

example -


To stop application run the following command.

pkill node =

« Back