The syslog-ng application is a flexible and scalable system logging application, main features of syslog-ng reliable log transfer, Secure logging using TLS, Direct database access, Heterogeneous environments, filer and classified, IPV4 and IPV6 can support.
It's applied to manage log messages and control in centralized logging. To collect the log messages with different type of application, files and others logs to store in remote syslog-ng server.
Download the syslog-ng application latest version from below link.
# wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4/source/eventlog_0.2.12+20120504+1700.tar.gz
# wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4/source/syslog-ng_3.5.4.tar.gz
# wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4/source/syslog-ng_3.5.4.tar.gz
Uncompress the event log archive using the tar command and install it.
# tar xvfz eventlog_0.2.12+20120504+1700.tar.gz
# cd eventlog_0.2.12+20120504+1700
#./configure
# make && make install
# cd eventlog_0.2.12+20120504+1700
#./configure
# make && make install
Once installation has been completed can find out under following directory.
# cd /usr/local/lib/pkgconfig
# cat eventlog.pc
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include/eventlog
Name: EventLog
Description: General system logging format library
Version: 0.2.12
Cflags: -I${includedir}
Libs: -L${libdir} -levtlog
# cat eventlog.pc
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include/eventlog
Name: EventLog
Description: General system logging format library
Version: 0.2.12
Cflags: -I${includedir}
Libs: -L${libdir} -levtlog
Normally, the evenlog creates a file by the syslog-ng configure script in the /usr/local/lib/pkgconfig Now export the path & configure Syslog-ng.
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
You can install syslog-ng application, extract the archive file using tar command and install it.
# tar xvfz syslog-ng_3.5.4.tar.gz
# cd syslog-ng_3.5.4
# ./configure
# make && make install
# cd syslog-ng_3.5.4
# ./configure
# make && make install
To find out location of installed applcation.
# whereis syslog-ng
syslog-ng: /usr/local/sbin/syslog-ng /usr/local/etc/syslog-ng.conf /usr/local/lib/syslog-ng
syslog-ng: /usr/local/sbin/syslog-ng /usr/local/etc/syslog-ng.conf /usr/local/lib/syslog-ng
For a test run the application immediately and Check whether the application is functional in your server.
# /usr/local/sbin/syslog-ng
# ps aux | grep syslog-ng
root 10983 0.0 0.0 26684 472 ? S 11:44 0:00 supervising syslog-ng
root 10984 0.0 0.3 78808 3088 ? Ss 11:44 0:00 /usr/local/sbin/syslog-ng
# ps aux | grep syslog-ng
root 10983 0.0 0.0 26684 472 ? S 11:44 0:00 supervising syslog-ng
root 10984 0.0 0.3 78808 3088 ? Ss 11:44 0:00 /usr/local/sbin/syslog-ng
The below script for easy way to start, stop, restart, reload, condrestart, checkconfig.
Make a file and add below line,
# vim /etc/sysconfig/syslog-ng
SYSLOGNG_PID="/var/run/syslog-ng.pid"
SYSLOGNG_OPTIONS="-p $SYSLOGNG_PID"
SYSLOGNG_COMPAT_PID="/var/run/syslogd.pid"
SYSLOGNG_PID="/var/run/syslog-ng.pid"
SYSLOGNG_OPTIONS="-p $SYSLOGNG_PID"
SYSLOGNG_COMPAT_PID="/var/run/syslogd.pid"
Same as, make a syslog-ng file under /etc/init.d/ directory and give Execute permission.
# touch /etc/init.d/syslog-ng
# chmod +x /etc/init.d/syslog-ng
# vi /etc/init.d/syslog-ng
# chmod +x /etc/init.d/syslog-ng
# vi /etc/init.d/syslog-ng
Add the below script to that file.
##!/bin/sh
## syslog-ng starts/stops syslog-ng service
. /etc/init.d/functions
[ -e /etc/sysconfig/syslog-ng ] && . /etc/sysconfig/syslog-ng
RETVAL=0
check_syntax()
{
[ -x /usr/local/sbin/syslog-ng ] || exit 5
/usr/local/sbin/syslog-ng -s $SYSLOGNG_OPTIONS
RETVAL=$?
return $RETVAL
}
verify_config()
{
check_syntax
RETVAL=$?
[ $RETVAL -eq 0 ] || exit $retval
}
checkconfig()
{
action $"Checking Configuration: " check_syntax
}
start()
{
verify_config
echo -n $"Starting syslog-ng: "
if [ -e $SYSLOGNG_COMPAT_PID ]; then
failure "PID file for existing syslog daemon exists"
fi
daemon /usr/local/sbin/syslog-ng $SYSLOGNG_OPTIONS
ln -sf $SYSLOGNG_PID $SYSLOGNG_COMPAT_PID
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng
return $RETVAL
}
stop()
{
echo -n $"Stopping syslog-ng: "
REMOVE_COMPAT_PID=0
if [ -e $SYSLOGNG_PID ]; then
if [ -e $SYSLOGNG_COMPAT_PID -a $(<$SYSLOGNG_PID) == $(<$SYSLOGNG_COMPAT_PID) ]; then
REMOVE_COMPAT_PID=1
fi
fi
killproc syslog-ng
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/syslog-ng
[ $RETVAL -eq 0 -a $REMOVE_COMPAT_PID -eq 1 ] && rm -f $SYSLOGNG_COMPAT_PID
return $RETVAL
}
case "$1" in
start|stop|reload)
$1
;;
restart|force_reload)
restart
;;
status)
status syslog-ng
;;
checkconfig|configtest|check|test)
checkconfig
;;
condrestart|try-restart)
[ -f /var/lock/subsys/syslog-ng ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|condrestart|checkconfig}" exit 1
esac
exit $?
# vim: ft=sh:ts=4:ai:si:
reload()
{ verify_config
echo -n $"Reloading syslog-ng: "
killproc syslog-ng -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
## syslog-ng starts/stops syslog-ng service
. /etc/init.d/functions
[ -e /etc/sysconfig/syslog-ng ] && . /etc/sysconfig/syslog-ng
RETVAL=0
check_syntax()
{
[ -x /usr/local/sbin/syslog-ng ] || exit 5
/usr/local/sbin/syslog-ng -s $SYSLOGNG_OPTIONS
RETVAL=$?
return $RETVAL
}
verify_config()
{
check_syntax
RETVAL=$?
[ $RETVAL -eq 0 ] || exit $retval
}
checkconfig()
{
action $"Checking Configuration: " check_syntax
}
start()
{
verify_config
echo -n $"Starting syslog-ng: "
if [ -e $SYSLOGNG_COMPAT_PID ]; then
failure "PID file for existing syslog daemon exists"
fi
daemon /usr/local/sbin/syslog-ng $SYSLOGNG_OPTIONS
ln -sf $SYSLOGNG_PID $SYSLOGNG_COMPAT_PID
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng
return $RETVAL
}
stop()
{
echo -n $"Stopping syslog-ng: "
REMOVE_COMPAT_PID=0
if [ -e $SYSLOGNG_PID ]; then
if [ -e $SYSLOGNG_COMPAT_PID -a $(<$SYSLOGNG_PID) == $(<$SYSLOGNG_COMPAT_PID) ]; then
REMOVE_COMPAT_PID=1
fi
fi
killproc syslog-ng
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/syslog-ng
[ $RETVAL -eq 0 -a $REMOVE_COMPAT_PID -eq 1 ] && rm -f $SYSLOGNG_COMPAT_PID
return $RETVAL
}
case "$1" in
start|stop|reload)
$1
;;
restart|force_reload)
restart
;;
status)
status syslog-ng
;;
checkconfig|configtest|check|test)
checkconfig
;;
condrestart|try-restart)
[ -f /var/lock/subsys/syslog-ng ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|condrestart|checkconfig}" exit 1
esac
exit $?
# vim: ft=sh:ts=4:ai:si:
reload()
{ verify_config
echo -n $"Reloading syslog-ng: "
killproc syslog-ng -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
Now, Determine your application utilizing the below commands,
# /etc/init.d/syslog-ng start
Starting syslog-ng: [ OK ]
# /etc/init.d/syslog-ng status
syslog-ng (pid 24840) is running...
# /etc/init.d/syslog-ng stop
Stopping syslog-ng: [ OK ]
Starting syslog-ng: [ OK ]
# /etc/init.d/syslog-ng status
syslog-ng (pid 24840) is running...
# /etc/init.d/syslog-ng stop
Stopping syslog-ng: [ OK ]
Error 1:
If you will not export the path & configure Syslog-ng get an below error.
...
checking for EVTLOG... no
configure: error: Package requirements (eventlog >= 0.2.12) were not met:
No package 'eventlog' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables EVTLOG_CFLAGS
and EVTLOG_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
...
checking for EVTLOG... no
configure: error: Package requirements (eventlog >= 0.2.12) were not met:
No package 'eventlog' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables EVTLOG_CFLAGS
and EVTLOG_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
...
solution:
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
Error 2:
You may get an error while configure the application, install glib2-devel.
# ./configure
...
checking for GLIB... no
configure: error: Package requirements (glib-2.0 >= 2.10.1 gmodule-2.0 gthread-2.0) were not met:
No package 'glib-2.0' found
No package 'gmodule-2.0' found
No package 'gthread-2.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
...
checking for GLIB... no
configure: error: Package requirements (glib-2.0 >= 2.10.1 gmodule-2.0 gthread-2.0) were not met:
No package 'glib-2.0' found
No package 'gmodule-2.0' found
No package 'gthread-2.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
solution:
yum install glib2-devel
Thank you very much,this very helpful for my work.
Thank you so much... :)