1. Downliad the syslog-ng application latest version from below link.
# wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4/source/eventlog_0.2.12+20120504+1700.tar.gz
# wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.5.4/source/syslog-ng_3.5.4.tar.gz
2. Uncompress the event log archive using the tar command and install it.
# tar xvfz eventlog_0.2.12+20120504+1700.tar.gz
# cd eventlog_0.2.12+20120504+1700
#./configure
# make && make install
3. Once installation has completed can find out under following directory.
# cd /usr/local/lib/pkgconfig
# cat eventlog.pc
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include/eventlog
Name: EventLog
Description: General system logging format library
Version: 0.2.12
Cflags: -I${includedir}
Libs: -L${libdir} -levtlog
4. Normally, the eventlog creates a file by the syslog-ng configure script in the /usr/local/lib/pkgconfig Now export the path & configure Syslog-ng.
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
5. You can install syslog-ng application, extract the archive file using tar command and install it.
# tar xvfz syslog-ng_3.5.4.tar.gz
# cd syslog-ng_3.5.4
# ./configure
# make && make install
6. To find out location of installed application.
# whereis syslog-ng
syslog-ng: /usr/local/sbin/syslog-ng /usr/local/etc/syslog-ng.conf /usr/local/lib/syslog-ng
7. For a test run the application immediately and Check whether the application is functional in your server.
# /usr/local/sbin/syslog-ng
# ps aux | grep syslog-ng
root 10983 0.0 0.0 26684 472 ? S 11:44 0:00 supervising syslog-ng
root 10984 0.0 0.3 78808 3088 ? Ss 11:44 0:00 /usr/local/sbin/syslog-ng
8. The below script for easy way to start, stop, restart, reload, condrestart, checkconfig. Make a file and add below line.
# vim /etc/sysconfig/syslog-ng
SYSLOGNG_PID="/var/run/syslog-ng.pid"
SYSLOGNG_OPTIONS="-p $SYSLOGNG_PID"
SYSLOGNG_COMPAT_PID="/var/run/syslogd.pid"
9. Same as, make a syslog-ng file under /etc/init.d/ directory and give Execute permission.
# touch /etc/init.d/syslog-ng
# chmod +x /etc/init.d/syslog-ng
# vi /etc/init.d/syslog-ng
10. Add the below script to the file.
#!/bin/sh
## syslog-ng starts/stops syslog-ng service
. /etc/init.d/functions
[ -e /etc/sysconfig/syslog-ng ] && . /etc/sysconfig/syslog-ng
RETVAL=0
check_syntax()
{
[ -x /usr/local/sbin/syslog-ng ] || exit 5
/usr/local/sbin/syslog-ng -s $SYSLOGNG_OPTIONS
RETVAL=$?
return $RETVAL
}
verify_config()
{
check_syntax
RETVAL=$?
[ $RETVAL -eq 0 ] || exit $retval
}
checkconfig()
{
action $"Checking Configuration: " check_syntax
}
start()
{
verify_config
echo -n $"Starting syslog-ng: "
if [ -e $SYSLOGNG_COMPAT_PID ]; then
failure "PID file for existing syslog daemon exists"
fi
daemon /usr/local/sbin/syslog-ng $SYSLOGNG_OPTIONS
ln -sf $SYSLOGNG_PID $SYSLOGNG_COMPAT_PID
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng
return $RETVAL
}
stop()
{
echo -n $"Stopping syslog-ng: "
REMOVE_COMPAT_PID=0
if [ -e $SYSLOGNG_PID ]; then
if [ -e $SYSLOGNG_COMPAT_PID -a $(<$SYSLOGNG_PID) == $(<$SYSLOGNG_COMPAT_PID) ]; then
REMOVE_COMPAT_PID=1
fi
fi
killproc syslog-ng
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/syslog-ng
[ $RETVAL -eq 0 -a $REMOVE_COMPAT_PID -eq 1 ] && rm -f $SYSLOGNG_COMPAT_PID
return $RETVAL
}
case "$1" in
start|stop|reload)
$1
;;
restart|force_reload)
restart
;;
status)
status syslog-ng
;;
checkconfig|configtest|check|test)
checkconfig
;;
condrestart|try-restart)
[ -f /var/lock/subsys/syslog-ng ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|condrestart|checkconfig}" exit 1
esac
exit $?
# vim: ft=sh:ts=4:ai:si:
reload()
{ verify_config
echo -n $"Reloading syslog-ng: "
killproc syslog-ng -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
11. Now, Determine your application utilizing the below commands.
# /etc/init.d/syslog-ng start
Starting syslog-ng: [ OK ]
# /etc/init.d/syslog-ng status
syslog-ng (pid 24840) is running...
# /etc/init.d/syslog-ng stop
Stopping syslog-ng: [ OK ]
<Error 처리>
1. If you will not export the path & configure Syslog-ng get an below error.
...
checking for EVTLOG... no
configure: error: Package requirements (eventlog >= 0.2.12) were not met:
No package 'eventlog' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables EVTLOG_CFLAGS
and EVTLOG_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
...
solution :
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
2. You may get an error while configure the application, install glib2-devel.
# ./configure
...
checking for GLIB... no
configure: error: Package requirements (glib-2.0 >= 2.10.1 gmodule-2.0 gthread-2.0) were not met:
No package 'glib-2.0' found
No package 'gmodule-2.0' found
No package 'gthread-2.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
solution :
# yum install glib2-devel
ref) http://thelinuxfaq.com/39-install-syslog-ng-latest-version-in-centos