HostSEO Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog

How to Monitor Server Logs in Real-Time with Tool on RHEL 7 /CentOS 7

1.Introduction is a small simple but effective application build on top of Node.js and, which allows to monitor Linux servers log files in real time through web interface screen widgets. This guide will help you to monitor server log with on CentOS 7 / RHEL 7.

2.Operating System

This article is based on RHEL 7 / CentOS 7 .


3.1 Add Epel Repositories

Install Epel repositories by running the following command.

# yum install

After you added Epel Repos, do a system upgrade by running the following command.

# yum update

Install Node.js and NPM Packages

Node.js is a Java-script server-side programming platform which allows you to create an applications with back-end functionality. NPM (Node Package Manager) is package manager for Node.js, So the next step is to install Node.js and NPM binaries on your system through the following command.

# yum install npm nodejs 

3.3 Install and Configure Application application must be installed on your system through NPM by specifying a valid system user, through which the installation must take place. So here we can install the application as root user. For installing run the below command.

# npm install -g --user “root”

After installation has been completed change the working directory to folder, which is hidden under the “/root” directory.

[root@sapin-centos7 ~]# pwd
[root@sapin-centos7 ~]# cd
[root@sapin-centos7]# ll
total 12
-rw-r--r-- 1 root root 225 Jan 18 17:21 harvester.conf
-rw-r--r-- 1 root root  56 Jan 18 16:24 log_server.conf
-rw-r--r-- 1 root root 516 Jan 18 17:22 web_server.conf

Now it’s time to configure to monitor local log files in real time.
There are mainly three configuration files and are listed below.

> harvester.conf
> log_server.conf
> web_server.conf


This the configuration file for harvester, it is nothing but a log forwarder which keeps on watching log files for changes, send new log to the server. We can configure nodeName, what are all logs to watched and where to send a log. By default it only monitors Apache log files such us “access_logs and error_logs”, Here we have to replace the nodeName statement to match your hostname and also you have to add the logStreams statements with what internal log files that you want to monitor.

exports.config = {
  nodeName: "",
  logStreams: {
    apache: [
  server: {
    host: '',
    port: 28777

Also if you don’t need harvester output to be sent to a remote server change the line host on server statement to only send its output locally by modifying address with loopback address (


For security reasons, if you are not expecting remote harvesters output to your local server, Open log_server.conf file and replace address with loopback address (

exports.config = {
  host: '',
  port: 28777


This the configuration file of web interface, this alters the functionality of the web portal. By-default, web portal is accessible on port no 28778 and on all interface. This file offers a way to increase the security by putting HTTP authentication,securing the web interface with SSL, disallowing logs from specific ip address and restricting the web interface access to the specific ip.

exports.config = {
  host: '',
  port: 28778,

  // Enable HTTP Basic Authentication
  auth: {
    user: "admin",
    pass: "adminlogin"

  // Enable HTTPS/SSL
  ssl: {
    key: '/path/to/privatekey.pem',
    cert: '/path/to/certificate.pem'

  // Restrict access to websocket (
  // Uses 'origins' syntax
  restrictSocket: '*:*',

  // Restrict access to http server (express)
  restrictHTTP: [


3.4 Add Firewall Rule and Start Application

For web access to server add a rule on RHEL/CentOS 7 Firewall to open TCP 28778 port by issuing the following command.

firewall-cmd --add-port=28778/tcp --permanent
firewall-cmd --reload

3.5 Start Application

For start log monitoring application assure that your current working directory is “/root” and use the following commands in the following order to start application.

> First start server, put it in background and press Enter key & 

> Start log harvester in background & 
[root@sapin-centos7]# &
[1] 16427
[root@sapin-centos7]#    info  - started

[root@sapin-centos7]# &
[2] 16431

4. Access Web Interface

Then open your web browser and visit http://your-ip-address:28778. You will get the following page with logs.

5. Conclusion

We have successfully installed and configured a real-time log monitoring tool “” on CentOS 7 / RHEL 7. is an excellent and effective web application to monitor local or remote servers log files is real time and get an outlook on what is going internally in the systems and especially to debug server problems when systems tend to become unresponsive or crashes, without the need to use a console.


Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar


Born in 2004 ... Trusted By Clients n' Experts

SEO Stars

They never made me feel silly for asking questions. Help me understand how to attract more people and improve my search engine ranking.

Read More

Emily Schneller Manager at Sabre Inc
SEO Stars

Took advantage of Hostseo's superb tech support and I must say, it is a very perfect one. It is very fast, servers reliability is incredible.

Read More

Leena Mäkinen Creative producer
SEO Stars

We're operating a worldwide network of servers with high quality standards requirements, we’ve choose hostseo to be our perfect partner.

Read More

Ziff Davis CEO at Mashable
SEO Stars

It’s very comfortable to know I can rely about all technical issues on Hostseo and mostly that my website and emails are safe and secured here.

Read More

Isaac H. Entrepreneur
SEO Stars

With hostseo as a hosting partner we are more flexible and save money due to the better packages with great pricing, free SEO n' free SSL too!

Read More

Madeline E. Internet Professional