AWG Blogs

Sunday, June 12, 2011

Install syslog-ng 3.3 on CentOS 5.5

Download syslog-ng_3.3.0beta1.tar.gz or syslog-ng_3.3.0beta2.tar.gz from Balabit (see http://www.balabit.com/downloads/files?path=/syslog-ng/sources/3.3.0beta2/source) and unpack it.
To get the latest source, install git. First add the EPEL repository:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
Then run yum install git,
or download the snapshot from http://git.balabit.hu/?p=bazsi/syslog-ng-3.3.git;a=tree
and untar it over the above.

There may be prereqs on your system.


Download and install these RPMs:

rpm -Uvh kernel-headers-2.6.18-238.el5.i386.rpm
rpm -Uvh glibc-headers-2.5-58.i386.rpm
rpm -Uvh glibc-devel-2.5-58.i386.rpm
rpm -Uvh gcc-4.1.2-50.el5.i386.rpm
rpm -Uvh zlib-1.2.3-4.el5.i386.rpm
rpm -ivh zlib-devel-1.2.3-4.el5.i386.rpm
rpm -Uvh libffi-3.0.5-1.el5.kb.i386.rpm
rpm -Uvh libffi-devel-3.0.5-1.el5.kb.i386.rpm

Then install glib
wget ftp://ftp.gtk.org/pub/glib/2.29/glib-2.29.4.tar.bz2
tar jxvf glib-2.29.4.tar.bz2
cd glib-2.29.4
./configure
make
make install
This completes the glib prerequisite.

Before installing syslog-ng 3.3 beta, run
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
so that eventlog is found.

Also run yum install openssl-devel, or install these RPMs:

rpm -Uvh e2fsprogs-devel-1.39-23.el5_5.1.i386.rpm
rpm -Uvh keyutils-libs-devel-1.2-1.el5.i386.rpm
rpm -Uvh libselinux-devel-1.33.4-5.7.el5.i386.rpm
rpm -Uvh libsepol-devel-1.15.2-3.el5.i386.rpm
rpm -Uvh libselinux-devel-1.33.4-5.7.el5.i386.rpm
rpm -Uvh krb5-devel-1.6.1-55.el5.i386.rpm
rpm -Uvh openssl-devel-0.9.8e-12.el5_5.7.i386.rpm

Also build and install eventlog:
cd eventlog-0.2.12/
./configure
make
make install
Then enter the syslog-ng directory and run:
./configure --enable-pcre --disable-mongodb --disable-ipv6
make
make install
Note: to build with PCRE enabled, you must first run yum install pcre-devel.
After that, some more setup is needed:
mkdir /usr/local/var
cd /root/syslog-ng/syslog-ng-3.3.0beta1/contrib/
cp rhel-packaging/syslog-ng.init /etc/init.d/syslog-ng
cp rhel-packaging/syslog-ng.conf /usr/local/etc/
cp rhel-packaging/syslog-ng.logrotate /etc/logrotate.d/syslog-ng
chmod 755 /etc/init.d/syslog-ng
vi /etc/init.d/syslog-ng
In the init script, change the binary to "/usr/local/sbin/syslog-ng".
Then start the service. First run chkconfig syslog off or chkconfig rsyslog off, as applicable, then:

chkconfig syslog-ng on

service syslog stop

service syslog-ng start

Then edit /usr/local/etc/syslog-ng.conf.
Add options { threaded(yes); }; to the top, along with any other configuration you need, then restart:

service syslog-ng restart

CentOS 5.5 Kernel Upgrade and iotop Install

To run iotop.py you need a newer kernel than the one CentOS provides. The following steps walk through the upgrade so that you can use iotop.

cd /usr/src
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.39.1.tar.bz2
tar xjf linux-2.6.39.1.tar.bz2
ln -s linux-2.6.39.1 linux
cd linux
make mrproper
cp /boot/config-`uname -r` .config
yes "" | make oldconfig   # this updates .config to all defaults

Edit .config, adding or updating the following options:
CONFIG_SYSFS_DEPRECATED=y
CONFIG_SYSFS_DEPRECATED_V2=y

make
make modules_install
make install
reboot
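
The .config edit in the steps above can be scripted rather than done by hand in an editor. The shell helpers below are an added example, not part of the original post; the function names kconfig_set and kconfig_get are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Helper names are hypothetical.

# kconfig_set FILE OPTION VALUE
# Replace an existing "OPTION=..." or "# OPTION is not set" line in place,
# or append "OPTION=VALUE" when the option is absent. Exact-name matching
# keeps CONFIG_SYSFS_DEPRECATED from clobbering CONFIG_SYSFS_DEPRECATED_V2.
kconfig_set() {
    file=$1; opt=$2; val=$3
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    awk -v opt="$opt" -v val="$val" '
        index($0, opt "=") == 1 || $0 == ("# " opt " is not set") {
            if (!done) print opt "=" val   # emit the new value once
            done = 1
            next                           # drop the old or duplicate line
        }
        { print }
        END { if (!done) print opt "=" val }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Copy back instead of mv so the ownership and mode of FILE are kept.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# kconfig_get FILE OPTION: print the value, or "unset" if not assigned.
kconfig_get() {
    awk -v opt="$2" '
        index($0, opt "=") == 1 { v = substr($0, length(opt) + 2) }
        END { print (v == "" ? "unset" : v) }
    ' "$1"
}

# Usage for the two options this post requires, run from /usr/src/linux:
#   kconfig_set .config CONFIG_SYSFS_DEPRECATED y
#   kconfig_set .config CONFIG_SYSFS_DEPRECATED_V2 y
```

Running kconfig_get for both options before make confirms the edit took effect.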

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/python-ctypes-1.0.2-2.el5.i386.rpm
wget http://guichaz.free.fr/iotop/files/iotop-0.4.3.tar.gz
tar zxvf iotop-0.4.3.tar.gz
cd iotop-0.4.3
./iotop.py

Disclaimer: Perform the above instructions at your own risk.

For instructions on how to make the rpm (so the lengthy compilation can be done once for future installs), see http://www.howtoforge.com/kernel_compilation_centos
Note: you will need to install rpm-build and ncurses-devel.
