Using syslog-ng

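What is syslog-ng? syslog-ng is a replacement for syslog: it can take over the syslog service completely and, through user-defined rules, provides better filtering.

Installing syslog-ng
This article installs from source, because the rpm package installs into /opt by default.
First, download the required packages: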
wget http://caesar.acc.umu.se/pub/GNOME/sources/glib/2.10/glib-2.10.1.tar.gz
wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/source/eventlog_0.2.9.tar.gz
wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.5/source/syslog-ng_3.0.5.tar.gz
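The eventlog version that matches a given syslog-ng release is provided alongside it on the official site. During installation you may get an error saying the glib version is too old; in that case just install the glib version the message asks for. Here I chose syslog-ng 3.0.5, which only needs glib 2.10.1. Installing eventlog and glib 2.0 also takes some care. You cannot simply run ./configure && make && make install, because although that installs them, the syslog-ng build will not find the lib paths of these two packages by default, and you would then have to set things up through pkg-config, which is a lot of trouble. Here is a simpler, less error-prone way.
When installing the two packages above, pass ./configure --prefix=/usr --libdir=/usr/lib --sysconfdir=/etc. The packages then end up in the default directories, where they are found automatically. This approach is in fact recommended for some other packages as well.
Next, configure syslog-ng with ./configure --prefix=/usr/local/syslog-ng and install it: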
[root@server2 syslog-ng-3.0.5]# mkdir /usr/local/syslog-ng/etc
[root@server2 syslog-ng-3.0.5]# mkdir /usr/local/syslog-ng/var
[root@server2 syslog-ng-3.0.5]# cp contrib/syslog-ng.conf.RedHat   /usr/local/syslog-ng/etc/
[root@server2 syslog-ng-3.0.5]# cp contrib/init.d.RedHat /etc/init.d/syslog-ng
[root@server2 syslog-ng-3.0.5]# cd /usr/local/syslog-ng/etc/
[root@server2 etc]# mv syslog-ng.conf.RedHat syslog-ng.conf
[root@server2 etc]# chmod +x /etc/init.d/syslog-ng
[root@server2 etc]# chkconfig --add syslog-ng
If there is no init script for syslog-ng, you can create one yourself in /etc/init.d with the following content:
#!/bin/bash
# Register with: chkconfig --add syslog-ng
# chkconfig: 2345 12 88
# description: syslog-ng
################################################################################
#
# Program: syslog-ng init script
#
# Description:
#
#  This is an init script for syslog-ng on the Linux platform.
#
#  It totally relies on the Redhat function library and works the same
#  way as other typical Redhat init scripts.
#
#
# Platforms (tested): Linux (Redhat 6.1)
#
#
# Author: Gregor Binder <gbinder@sysfive.com>
#
# Last Changed: October 10, 2000
#
#     Copyright (c) 2000 by sysfive.com GmbH, All rights reserved.
#
################################################################################
################################################################################
# configuration
#
#INIT_PROG="/path_to/syslog-ng"    # Full path to daemon
#INIT_OPTS=""                      # options passed to daemon
INIT_PROG="/usr/local/syslog-ng/sbin/syslog-ng"     # Full path to daemon
INIT_OPTS="-f /usr/local/syslog-ng/etc/syslog-ng.conf"   # options passed
#PATH=/bin:/sbin:/usr/bin:/usr/sbin
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/syslog-ng/bin:/usr/local/syslog-ng/sbin
# Name of the daemon binary, used for messages and the lock file
INIT_NAME=$(basename "$INIT_PROG")

# Source Redhat function library.
#
. /etc/rc.d/init.d/functions

# Uncomment this if you are on Redhat and think this is useful
#
#. /etc/sysconfig/network
#
#if [ ${NETWORKING} = "no" ]
#then
#       exit 0
#fi
RETVAL=0
# Files created by the daemon are readable by root only; no core dumps
umask 077
ulimit -c 0

# See how we were called.
#
case "$1" in
  start)
        echo -n "Starting $INIT_NAME: "
        daemon --check $INIT_PROG "$INIT_PROG $INIT_OPTS"
        RETVAL=$?
        echo -n "Starting Kernel Logger: "
        [ -x "/sbin/klogd" ] && daemon klogd
        echo
        [ $RETVAL -eq 0 ] && touch "/var/lock/subsys/${INIT_NAME}"
        ;;
  stop)
        echo -n "Stopping $INIT_NAME: "
        killproc $INIT_PROG
        RETVAL=$?
        echo -n "Stopping Kernel Logger: "
        [ -x "/sbin/klogd" ] && killproc klogd
        echo
        [ $RETVAL -eq 0 ] && rm -f "/var/lock/subsys/${INIT_NAME}"
        ;;
  status)
        status $INIT_PROG
        RETVAL=$?
        ;;
  restart|reload)
        $0 stop
        $0 start
        RETVAL=$?
        ;;
  *)
        echo "Usage: $0 {start|stop|status|restart|reload}"
        exit 1
esac
exit $RETVAL
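Then just make the script executable.
Note: the latest version is 3.4, but installing it requires libmongo-client, because support for the latest mongo database was added. I do not recommend installing too new a version here.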
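
A post-install check for the steps above, as an added example that is not part of the original article. It verifies the /usr/local/syslog-ng layout and the init script: executable, a valid chkconfig header, no typographic quotes or dashes left over from copying, and not writable by group or others. The function name check_syslog_ng_install is made up for this example.

```shell
#!/bin/sh
# Added example (not from the original article): post-install check for the
# layout used above. Usage: sh check.sh /usr/local/syslog-ng /etc/init.d/syslog-ng
# Prints one line per problem; the return status is the number of problems.
check_syslog_ng_install() {
    prefix=$1
    init=$2
    problems=0
    fail() { echo "FAIL: $1"; problems=$((problems + 1)); }

    # Daemon binary, the config passed with -f, and the hand-made var/ directory
    [ -x "$prefix/sbin/syslog-ng" ] || fail "$prefix/sbin/syslog-ng missing or not executable"
    [ -f "$prefix/etc/syslog-ng.conf" ] || fail "$prefix/etc/syslog-ng.conf missing"
    [ -d "$prefix/var" ] || fail "$prefix/var missing"

    # Let syslog-ng parse its own config without starting the daemon
    if [ -x "$prefix/sbin/syslog-ng" ] && [ -f "$prefix/etc/syslog-ng.conf" ]; then
        "$prefix/sbin/syslog-ng" --syntax-only -f "$prefix/etc/syslog-ng.conf" \
            || fail "syslog-ng rejected $prefix/etc/syslog-ng.conf"
    fi

    if [ ! -f "$init" ]; then
        fail "$init missing"
    else
        [ -x "$init" ] || fail "$init is not executable (chmod +x)"
        # chkconfig --add reads a '# chkconfig: <levels> <start> <stop>' header
        grep -Eq '^#[[:space:]]*chkconfig:[[:space:]]*[0-9-]+[[:space:]]+[0-9]+[[:space:]]+[0-9]+' "$init" \
            || fail "$init has no valid chkconfig header"
        # Curly quotes or en dashes (UTF-8 bytes) picked up from a web page break the script
        if grep -q -e "$(printf '\342\200\223')" -e "$(printf '\342\200\234')" \
                   -e "$(printf '\342\200\235')" "$init"; then
            fail "$init contains typographic quotes or dashes"
        fi
        # The script runs as root at boot: group/other must not be able to write it
        perms=$(ls -ld "$init" | cut -c1-10)
        case $perms in
            ?????w????|????????w?) fail "$init is group- or world-writable ($perms)" ;;
        esac
    fi
    return "$problems"
}

# Run the check only when called with both arguments
if [ "$#" -eq 2 ]; then
    check_syslog_ng_install "$1" "$2"
fi
```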
