How to compile syslog-ng from source

To compile syslog-ng Open Source Edition (OSE) from the source code, complete the following steps. Alternatively, you can buy pre-compiled binary packages for various platforms from the BalaBit webshop. When you buy a binary package, you automatically receive the latest version of syslog-ng OSE for your platform, and all updates for a year.

1. Download the latest version of syslog-ng OSE from https://www.balabit.com/downloads/files/syslog-ng/sources/stable/. The source code is available as a tar.gz archive file.
2. Download the latest version of the EventLog library available at https://www.balabit.com/downloads/files/eventlog/0.2/.
3. Install the following packages that are required to compile syslog-ng. These packages are available for most UNIX/Linux systems. Alternatively, you can also download the sources and compile them.
   • the gcc C compiler (at least version 2.7.2),
   • the GNU flex lexical analyser generator, available at http://flex.sourceforge.net/;
   • the bison parser generator, available at http://ftp.gnu.org/gnu/bison/;
   • and the development files of the glib library, available at http://freshmeat.net/projects/glib/.
4. If you want to use the spoof-source function of syslog-ng, install the development files of the libnet library, available at http://libnet.sourceforge.net.
5. If you want to use the /etc/hosts.deny and /etc/hosts.allow for TCP access, install the development files of the libwrap (also called TCP-wrappers) library, available at ftp://ftp.porcupine.org/pub/security/index.html.
6. Uncompress the eventlog archive using the

   $ tar xvfz eventlog-x.x.x.x.tar.gz

   or the

   $ gunzip -c eventlog-x.x.x.x.tar.gz | tar xvf -

   command. A new directory containing the source code of eventlog will be created.
7. By default, eventlog creates a file used by the syslog-ng configure script in the /usr/local/lib/pkgconfig directory. Issue the following command to add this directory to your PKG_CONFIG_PATH:

   PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH

8. Enter the new directory and issue the following commands:

   $ ./configure
   
   $ make 
   
   $ make install

9. Uncompress the syslog-ng archive using the

   tar xvfz syslog-ng-x.xx.tar.gz

   or the

   unzip -c syslog-ng-x.xx.tar.gz | tar xvf -

   command. A new directory containing the source code of syslog-ng will be created.
10. Enter the new directory and issue the following commands:

    $ ./configure
    
    $ make 
    
    $ make install

These commands will build syslog-ng using its default options.
11. If needed, use the following options to change how syslog-ng is compiled using the following command syntax:

    $ ./configure --compile-time-option-name

    • --enable-debug Include debug information.
    • --enable-sun-streams Enable Sun STREAMS support even if not detected (autodetected by default).
    • --enable-sun-door Enable Sun door support even if not detected (autodetected by default).
    • --enable-tcp-wrapper Enable using /etc/hosts.deny and /etc/hosts.allow for TCP access (disabled by default).
    • --enable-spoof-source Enable spoof_source feature (disabled by default).
    • --enable-ipv6 Enable IPv6 support.
    • --enable-static-linking Compile syslog-ng as a static binary.
    • --enable-dynamic-linking Compile syslog-ng as a completely dynamic binary. If not specified syslog-ng links dynamically to system libraries and statically to everything else.

For information on configuring syslog-ng, see the syslog-ng documentation.