AW: [syslog-ng]What are the installation requirements???

Sippel, Christian
Wed, 2 Jan 2002 15:37:58 +0100

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

Content-Type: text/plain

try following the instructions in the "install"-file which is part of the

Hope this helps,


> ----------
> Von: 	Krishna[]
> Antwort an:
> Gesendet: 	Samstag, 22. Dezember 2001 10:20
> An:
> Betreff: 	[syslog-ng]What are the installation requirements???
> Hi,
>        I am new to syslog-ng. I wanted to know what are the installation
> reqirements for this package to install.I tried to install it but got lot
> of error's.
> Please Help
> regards
> Krishna Shekhar
> Network Administrator

Content-Type: application/octet-stream;
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;

Installation instructions for SYSLOG-NG

Welcome. This is syslog-ng, which stands for syslog-new-generation, a =
enhanced system logging daemon.

Unpacking the distribution

The distribution arrives in .tar.gz format though OS/distribution =
is possible. The file is named:


where x.xx stands for the version number. You must have tar and gzip to
unpack the distribution (sorry, compress is not supported). If you have =
tar simply execute the following command:

	tar xvfz syslog-ng-x.xx.tar.gz

If your version of tar doesn't support z (most non-GNU tars), you =
execute this one:

	gunzip -c syslog-ng-x.xx.tar.gz | tar xvf -

After this, you'll get a directory named syslog-ng-x.xx, where the =
source for
syslog-ng will be unpacked.

Compiling the program:

syslog-ng requires gcc as a C compiler (at least version 2.7.2), GNU =
flex as
a lex, and bison as a parser generator. Some GNU C and GNU flex =
are used, porting to other compilers/lex/yacc combination is welcome.

You will need the libol package (available at the same place where you=20
acquired syslog-ng) to successfully compile syslog-ng. First extract, =
and install libol using=20

./configure && make && make install

If you do not want to install libol, you must supply a=20
--with-libol=3D/path/to/libol parameter to syslog-ng's configure =

Then cd to the syslog-ng-x.xx directory, and execute the following =


After the make cycle finishes, you'll get an executable in the src

   syslog-ng		- the main binary

Now do a "make install" and you are done.=20

Later as hashing support comes in, you'll find additional binaries.

Configuration file:

Syslog-ng uses a different configuration scheme than the original =
which sits at /etc/syslog-ng/syslog-ng.conf.

The manpage for syslog-ng.conf(5) or the documentation under doc =
contains a
/reference about keywords and syntax which can be used in the
config file. For now I only explain system dependencies.

Every unix version has a slightly different way of sending log =
messages, and
since syslog-ng gives you the power of choosing your log-sources, you =
have to
be aware some of the internals.

  Linux has a dedicated unix socket called /dev/log, where log messages =
  written to, and read from. It is of type SOCK_STREAM. So the correct =
  statement for standard linux log messages is:

      source stdlog { unix-stream("/dev/log"); };

  BSD is similar to Linux (or vice-versa Linux is similar to BSD, but =
this is
  another issue), so BSD has also a unix socket for log communication, =
  it's of type SOCK_DGRAM, and it is located at /var/run/log. So the =
  statement you are looking for is:

      source stdlog { unix-dgram("/var/run/log"); };

  Solaris (2.5.1 or below):

  SunOS/Solaris has a universal means of communications called STREAMS. =
It is
  used as both an in-kernel and kernel-user interface. You'll need to =
feed the
  following statement to syslog-ng to accept all messages:

      source stdlog { sun-stream("/dev/log"); };

  Solaris (2.6 or up)

  In addition to the STREAMS device used in earlier versions, a door is =
used to
  make sure after each message that the system logging daemon is still =
  To create that door, you'll need the door() option of the sun-stream =
  Sun has added a new method to the pool of possible IPC mechanisms, =
and it
  is called door. syslog-ng supports this method with the sun-door =
keyword. A
  door is a special file in the filesystem, and is called =
  So your correct source statement would be:

      source stdlog { sun-streams("/dev/log" =
door("/etc/.syslog_door")); };

  AIX (unknown revision)
  AIX does support STREAMS, but its log transport doesn't use it. As it
  seems /dev/log is a simple unix socket, though I can't find out =
  it uses SOCK_DGRAM or SOCK_STREAM semantics.

  HP-UX (unknown revision)
  HP-UX uses a named pipe called /dev/log for log transport, and you=20
  should be able to use this with the pipe() driver. However, this is
  completely untested.