Packetwatch.net

Syslog-ng in Fedora Core 3



Last modified: Jul. 26, 2008

Contents
1 - Summary
2 - Dependencies
3 - Syslog-ng Installation
4 - Service Configuration
5 - Service Check


1 - Summary

This short guide shows how to install syslog-ng from source on Fedora Core 3
and run it in place of the stock syslog service. It assumes you are running
Fedora Core 3.


2 - Dependencies

Syslog-ng depends on libol. Navigate your web browser to
http://www.balabit.com/downloads/libol/ and download the source for version 0.3.15.
Unpack and build it as a regular user.

$ tar -zxvf libol-0.3.15.tar.gz
$ cd libol-0.3.15
$ ./configure
$ make

Now become root, navigate to the libol directory, and install it.

# make install && make clean


3 - Syslog-ng Installation

Navigate your web browser to http://www.balabit.com/downloads/syslog-ng/ and
download the source for version 1.6.6. Unpack and build it as a regular user.

$ tar -zxvf syslog-ng-1.6.6.tar.gz
$ cd syslog-ng-1.6.6
$ ./configure
$ make

Now become root, navigate to the syslog-ng directory, and install it.

# make install && make clean


4 - Service Configuration

Continue as root. Check which runlevels syslog starts on.

# chkconfig --list | grep syslog
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off

Disable syslog from starting at boot time.

# chkconfig syslog off

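Create a directory for the configuration file, and copy in the Red Hat sample
configuration from the contrib directory of the source tree. Here the source
was unpacked in /home/ryan; substitute your own path.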

# mkdir /usr/local/etc/syslog-ng
# cd /home/ryan
# cp syslog-ng-1.6.6/contrib/syslog-ng.conf.RedHat /usr/local/etc/syslog-ng/syslog-ng.conf

Copy the init.d script from the contrib directory to /etc/rc.d/init.d and make
it executable.

# cd /home/ryan
# cp syslog-ng-1.6.6/contrib/init.d.RedHat-7.3 /etc/rc.d/init.d/syslog-ng
# chmod ugo+x /etc/rc.d/init.d/syslog-ng

Add the syslog-ng service, so it will start at boot time. Also, check to make
sure that syslog-ng starts on the same runlevels as syslog used to.

# chkconfig --add syslog-ng
# chkconfig --list | grep syslog-ng
syslog-ng       0:off   1:off   2:on    3:on    4:on    5:on    6:off

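You can now write your own syslog-ng.conf file if you like. The following
source definition collects syslog-ng's internal messages, kernel messages from
/proc/kmsg, and local messages from /dev/log. Keep a copy of the original file
before editing it.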

source local { internal(); file("/proc/kmsg" log_prefix("kernel: "));  unix-dgram("/dev/log"); };

# cp /usr/local/etc/syslog-ng/syslog-ng.conf /usr/local/etc/syslog-ng/syslog-ng.conf.original
# vi /usr/local/etc/syslog-ng/syslog-ng.conf

Stop the syslog service, and start the syslog-ng service.

# service syslog stop
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]
# service syslog-ng start
Starting syslog-ng:                                        [  OK  ]


5 - Service Check

Reboot your computer and log in as usual. Become root, and check that the
syslog service isn't running and the syslog-ng service is. That's it: you now
have syslog-ng running on Fedora Core 3.

# service syslog status
syslogd is stopped
klogd is stopped
# service syslog-ng status
syslog-ng (pid 2309) is running...
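
The boot-time half of this check can be scripted. The following is an added
example, not part of the original guide: it parses `chkconfig --list` output
and confirms that syslog is off in every runlevel and that syslog-ng is on in
the runlevels syslog used before (2 3 4 5 in the listing above). The function
names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the syslog -> syslog-ng switchover from chkconfig output.

# Constructed sample of the listing expected after section 4 (syslog disabled,
# syslog-ng added). On the real host use: listing=$(chkconfig --list)
SAMPLE_LISTING='syslog          0:off   1:off   2:off   3:off   4:off   5:off   6:off
syslog-ng       0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off'

# runlevels_on LISTING SERVICE -> prints the runlevels where SERVICE is "on".
# The service name is compared exactly against the first column, because
# "grep syslog" also matches the syslog-ng line.
runlevels_on() {
    printf '%s\n' "$1" | awk -v svc="$2" '
        $1 == svc {
            out = ""; sep = ""
            for (i = 2; i <= NF; i++) {
                split($i, lvl, ":")
                if (lvl[2] == "on") { out = out sep lvl[1]; sep = " " }
            }
            print out
        }'
}

# check_switchover LISTING EXPECTED -> returns 0 only if syslog is off in every
# runlevel and syslog-ng is on in exactly the EXPECTED runlevels.
check_switchover() {
    old=$(runlevels_on "$1" syslog)
    new=$(runlevels_on "$1" syslog-ng)
    if [ -n "$old" ]; then
        echo "FAIL: syslog still enabled in runlevels: $old"
        return 1
    fi
    if [ "$new" != "$2" ]; then
        echo "FAIL: syslog-ng runlevels are '${new:-none}', expected '$2'"
        return 1
    fi
    echo "OK: syslog disabled, syslog-ng enabled in runlevels: $new"
}

check_switchover "$SAMPLE_LISTING" "2 3 4 5"
```

A host where neither logger starts at boot stops recording local log messages
after a reboot, so a FAIL on the second check deserves attention before the
machine is restarted.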


Packetwatch Research 2002-2017.