How to compile syslog-ng from source

To compile syslog-ng Open Source Edition (OSE) from the source code, complete the following steps. Alternatively, you can buy pre-compiled binary packages for various platforms from the BalaBit webshop. When you buy a binary package, you automatically receive the latest version of syslog-ng OSE for your platform, and all updates for a year.

  1. Download the latest version of syslog-ng OSE from https://www.balabit.com/downloads/files/syslog-ng/sources/stable/. The source code is available as a tar.gz archive file.
  2. Download the latest version of the EventLog library available at https://www.balabit.com/downloads/files/eventlog/0.2/.
  3. Install the following packages that are required to compile syslog-ng. These packages are available for most UNIX/Linux systems. Alternatively, you can also download the sources and compile them.
  4. If you want to use the spoof-source function of syslog-ng, install the development files of the libnet library, available at http://libnet.sourceforge.net.
  5. If you want to use the /etc/hosts.deny and /etc/hosts.allow for TCP access, install the development files of the libwrap (also called TCP-wrappers) library, available at ftp://ftp.porcupine.org/pub/security/index.html.
  6. Uncompress the eventlog archive using the
    $ tar xvfz eventlog-x.x.x.x.tar.gz
    or the
    $ gunzip -c eventlog-x.x.x.x.tar.gz | tar xvf -
    command. A new directory containing the source code of eventlog will be created.
  7. By default, eventlog creates a file used by the syslog-ng configure script in the /usr/local/lib/pkgconfig directory. Issue the following command to add this directory to your PKG_CONFIG_PATH:
    PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
  8. Enter the new directory and issue the following commands:
    $ ./configure
    $ make
    $ make install
  9. Uncompress the syslog-ng archive using the
    tar xvfz syslog-ng-x.xx.tar.gz
    or the
    unzip -c syslog-ng-x.xx.tar.gz | tar xvf -
    command. A new directory containing the source code of syslog-ng will be created.
  10. Enter the new directory and issue the following commands:
    $ ./configure
    $ make
    $ make install
  11. These commands will build syslog-ng using its default options.
  12. If needed, use the following options to change how syslog-ng is compiled using the following command syntax:
    $ ./configure --compile-time-option-name
    • --enable-debug Include debug information.
    • --enable-sun-streams Enable Sun STREAMS support even if not detected (autodetected by default).
    • --enable-sun-door Enable Sun door support even if not detected (autodetected by default).
    • --enable-tcp-wrapper Enable using /etc/hosts.deny and /etc/hosts.allow for TCP access (disabled by default).
    • --enable-spoof-source Enable spoof_source feature (disabled by default).
    • --enable-ipv6 Enable IPv6 support.
    • --enable-static-linking Compile syslog-ng as a static binary.
    • --enable-dynamic-linking Compile syslog-ng as a completely dynamic binary. If not specified syslog-ng links dynamically to system libraries and statically to everything else.

For information on configuring syslog-ng, see the syslog-ng documentation.