Using syslog-ng

December 23, 2011

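What is syslog-ng? syslog-ng is a replacement for syslog: it can fully take over the syslog service, and the rules you define give it better filtering.

Installing syslog-ng
This article installs from source, because the rpm package installs to /opt by default.
First, download the required packages: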
wget http://caesar.acc.umu.se/pub/GNOME/sources/glib/2.10/glib-2.10.1.tar.gz
wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/source/eventlog_0.2.9.tar.gz
wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/source/syslog-ng_3.0.5.tar.gz
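The syslog-ng site provides the eventlog version that matches each syslog-ng release. During installation you may get an error saying that glib is too old; in that case just install the glib version it asks for. Here I install syslog-ng 3.0.5, which only needs glib 2.10.1. How eventlog and glib 2.0 are installed also matters. Do not simply run ./configure && make && make install: the packages do get installed, but the syslog-ng build will not find their library paths by default, and you would then have to set them up through pkg-config, which is a lot of trouble. Here is a simpler, hassle-free way.
When installing those two packages, pass ./configure --prefix=/usr --libdir=/usr/lib --sysconfdir=/etc. The packages can then be found in the default directories. This approach is also recommended for some other packages.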
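The lookup described above, as an added example that is not from the original post: a pre-flight script that searches the pkg-config directories for glib-2.0.pc and eventlog.pc and compares their versions before syslog-ng is configured. The default directory list, the PC_DEFAULT_DIRS override and the eventlog minimum of 0.2.9 are assumptions; pkg-config itself performs the same test with --atleast-version.

```sh
#!/bin/sh
# Added example: pre-flight check to run before ./configure of syslog-ng.
# It looks for each dependency's .pc file the way pkg-config would and
# compares its Version: field with a minimum.
# Assumptions: the default directory list below, the PC_DEFAULT_DIRS override,
# and eventlog 0.2.9 as a minimum (the page only says it ships with 3.0.5).

pc_search_dirs() {
    # PKG_CONFIG_PATH entries first, then the default directories.
    printf '%s' "${PKG_CONFIG_PATH:+$PKG_CONFIG_PATH:}${PC_DEFAULT_DIRS:-/usr/lib/pkgconfig:/usr/lib64/pkgconfig:/usr/share/pkgconfig}"
}

find_pc() {
    # find_pc MODULE: print the first MODULE.pc found; return 1 if none.
    _old_ifs=$IFS; IFS=:
    for _d in $(pc_search_dirs); do
        if [ -f "$_d/$1.pc" ]; then
            IFS=$_old_ifs; printf '%s\n' "$_d/$1.pc"; return 0
        fi
    done
    IFS=$_old_ifs; return 1
}

version_ge() {
    # version_ge HAVE WANT: true if HAVE >= WANT. sort -V (GNU) compares
    # numerically per component, so 2.6.0 is older than 2.10.1.
    [ "$(printf '%s\n%s\n' "$2" "$1" | sort -V | head -n 1)" = "$2" ]
}

check_dep() {
    # check_dep MODULE MINVER: 0 = ok, 1 = .pc not found, 2 = too old.
    _pc=$(find_pc "$1") || { echo "$1: $1.pc not in search path" >&2; return 1; }
    _have=$(sed -n 's/^Version:[[:space:]]*//p' "$_pc" | head -n 1)
    if version_ge "$_have" "$2"; then
        echo "$1 $_have ok ($_pc)"
    else
        echo "$1 $_have is older than $2 ($_pc)" >&2; return 2
    fi
}

preflight() {
    # Usage: preflight && ./configure --prefix=/usr/local/syslog-ng
    _rc=0
    check_dep glib-2.0 2.10.1 || _rc=1
    check_dep eventlog 0.2.9 || _rc=1
    return $_rc
}
```

With the default --prefix of /usr/local the .pc files land in /usr/local/lib/pkgconfig, which this check reports as missing unless PKG_CONFIG_PATH includes that directory.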
Next, install syslog-ng itself with ./configure --prefix=/usr/local/syslog-ng.

[root@server2 syslog-ng-3.0.5]# mkdir /usr/local/syslog-ng/etc
[root@server2 syslog-ng-3.0.5]# mkdir /usr/local/syslog-ng/var
[root@server2 syslog-ng-3.0.5]# cp contrib/syslog-ng.conf.RedHat   /usr/local/syslog-ng/etc/
[root@server2 syslog-ng-3.0.5]# cp contrib/init.d.RedHat /etc/init.d/syslog-ng
[root@server2 syslog-ng-3.0.5]# cd /usr/local/syslog-ng/etc/
[root@server2 etc]# mv syslog-ng.conf.RedHat syslog-ng.conf
[root@server2 etc]# chmod +x /etc/init.d/syslog-ng
[root@server2 etc]# chkconfig --add syslog-ng
If there is no syslog-ng init script, you can create one yourself in the /etc/init.d directory with the following content:
#!/bin/bash
# Register with: chkconfig --add syslog-ng
# chkconfig: 2345 12 88
# description: syslog-ng

:

################################################################################
#
# Program: syslog-ng init script
#
# Description:
#
#  This is an init script for syslog-ng on the Linux platform.
#
#  It totally relies on the Redhat function library and works the same
#  way as other typical Redhat init scripts.
#
#
# Platforms (tested): Linux (Redhat 6.1)
#
#
# Author: Gregor Binder <gbinder@sysfive.com>
#
# Last Changed: October 10, 2000
#
#     Copyright (c) 2000 by sysfive.com GmbH, All rights reserved.
#
################################################################################

################################################################################
# configuration
#
#INIT_PROG="/path_to/syslog-ng"    # Full path to daemon
#INIT_OPTS=""                      # options passed to daemon
INIT_PROG="/usr/local/syslog-ng/sbin/syslog-ng"     # Full path to daemon
INIT_OPTS="-f /usr/local/syslog-ng/etc/syslog-ng.conf"   # options passed

#PATH=/bin:/sbin:/usr/bin:/usr/sbin
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/syslog-ng/bin:/usr/local/syslog-ng/sbin

INIT_NAME=`basename "$INIT_PROG"`

# Source Redhat function library.
#
. /etc/rc.d/init.d/functions

# Uncomment this if you are on Redhat and think this is useful
#
#. /etc/sysconfig/network
#
#if [ ${NETWORKING} = "no" ]
#then
#       exit 0
#fi

RETVAL=0

umask 077
ulimit -c 0

# See how we were called.
case "$1" in
  start)
        echo -n "Starting $INIT_NAME: "
        daemon --check $INIT_PROG "$INIT_PROG $INIT_OPTS"
        RETVAL=$?
        echo -n "Starting Kernel Logger: "
        [ -x "/sbin/klogd" ] && daemon klogd
        echo
        [ $RETVAL -eq 0 ] && touch "/var/lock/subsys/${INIT_NAME}"
        ;;
  stop)
        echo -n "Stopping $INIT_NAME: "
        killproc $INIT_PROG
        RETVAL=$?
        echo -n "Stopping Kernel Logger: "
        [ -x "/sbin/klogd" ] && killproc klogd
        echo
        [ $RETVAL -eq 0 ] && rm -f "/var/lock/subsys/${INIT_NAME}"
        ;;
  status)
        status $INIT_PROG
        RETVAL=$?
        ;;
  restart|reload)
        $0 stop
        $0 start
        RETVAL=$?
        ;;
  *)
        echo "Usage: $0 {start|stop|status|restart|reload}"
        exit 1
esac

exit $RETVAL
Then just make the script executable.

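Note: the latest version is 3.4, but installing it requires libmongo-client, because it added support for the recent MongoDB database. I do not recommend installing too new a version here.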



