The syslog-ng 3.0 Administrator Guide

Document version: Thirteenth
Release date: September 23, 2010
Latest version available at the BalaBit Documentation Page

4.4. Compiling syslog-ng from source

To compile syslog-ng Open Source Edition (OSE) from the source code, complete the following steps. Alternatively, you can use the precompiled binary packages. Precompiled binary packages are available for free for the supported Linux and BSD platforms at http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/upgrades/. Precompiled binary packages for HP-UX, IBM AIX, and Solaris are available for an annual fee at the BalaBit webshop at http://www.balabit.com/. When you buy a binary package, you automatically receive the latest version of syslog-ng OSE for your platform, and all updates for a year.

Procedure 4.4.1. Compiling syslog-ng from source

  1. Download the latest version of syslog-ng OSE from https://www.balabit.com/downloads/files?path=/syslog-ng/sources/. The source code is available as a tar.gz archive file.

  2. Download the latest version of the EventLog library available at https://www.balabit.com/downloads/files/eventlog/0.2/.

  3. Install the following packages that are required to compile syslog-ng. These packages are available for most UNIX/Linux systems. Alternatively, you can also download the sources and compile them.

  4. If you want to use the spoof-source function of syslog-ng, install the development files of the libnet library, available at http://libnet.sourceforge.net.

  5. If you want to use the /etc/hosts.deny and /etc/hosts.allow for TCP access, install the development files of the libwrap (also called TCP-wrappers) library, available at ftp://ftp.porcupine.org/pub/security/index.html.

  6. Uncompress the eventlog archive using the 

    $ tar xvfz eventlog-x.x.x.x.tar.gz

    or the 

    $ gunzip -c eventlog-x.x.x.x.tar.gz | tar xvf -

    command. A new directory containing the source code of eventlog will be created.

  7. By default, eventlog creates a file used by the syslog-ng configure script in the /usr/local/lib/pkgconfig directory. Issue the following command to add this directory to your PKG_CONFIG_PATH:

    PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH

  8. Enter the new directory and issue the following commands:

    $ ./configure
$ make
$ make install

  9. Uncompress the syslog-ng archive using the

    tar xvfz syslog-ng-x.xx.tar.gz

    or the

    unzip -c syslog-ng-x.xx.tar.gz | tar xvf -

    command. A new directory containing the source code of syslog-ng will be created.

  10. Enter the new directory and issue the following commands: 

    $ ./configure
$ make 
$ make install

    These commands will build syslog-ng using its default options.

  11. If needed, use the following options to change how syslog-ng is compiled using the following command syntax:

    $ ./configure --compile-time-option-name
    [Note] Note

    You can also use --disable options, to explicitly disable a feature and override autodetection. For example, to disable the TCP-wrapper support, use the --disable-tcp-wrapper option.

    [Note] Note

    Note that the pre-compiled binary packages of syslog-ng Open Source Edition (OSE) and the syslog-ng Premium Edition packages (both available from the BalaBit webshop at http://www.balabit.com/) are compiled with all options enabled.

    Execute syslog-ng --version to display the list of enabled build parameters of a syslog-ng binary.

    [Warning] Warning

    Starting with syslog-ng Open Source Edition 3.0.2, default linking mode of syslog-ng is dynamic. This means that syslog-ng might not be able to start up if the /usr directory is on NFS. On platforms where syslog-ng is used as a system logger, the --enable-mixed-linking is preferred.

    • --enable-debug Include debug information.

    • --enable-dynamic-linking Compile syslog-ng as a completely dynamic binary. If not specified syslog-ng uses mixed linking (--enable-mixed-linking): it links dynamically to system libraries and statically to everything else.

    • --enable-ipv6 Enable IPv6 support.

    • --enable-linux-caps Enable support for capabilities on Linux.

    • --enable-pcre Enable using PCRE-type regular expressions. Requires the libpcre library package.

    • --enable-spoof-source Enable spoof_source feature (disabled by default).

    • --enable-static-linking Compile syslog-ng as a static binary.

    • --enable-sun-door Enable Sun door support even if not detected (autodetected by default).

    • --enable-sun-streams Enable Sun STREAMS support even if not detected (autodetected by default).

    • --enable-tcp-wrapper Enable using /etc/hosts.deny and /etc/hosts.allow for TCP access (enabled automatically if the libwrap libraries are detected).

    • --with-timezone-dir Specifies the directory where syslog-ng looks for the timezone files to resolve the time_zone() and local_time_zone() options. If not specified, the /opt/syslog-ng/share/zoneinfo/ and /usr/share/zoneinfo/ directories are checked, respectively. Note that HP-UX uses a unique file format (tztab) to describe the timezone information; that format is currently not supported in syslog-ng. As a workaround, copy the zoneinfo files from another, non-HP-UX system to the /opt/syslog-ng/share/zoneinfo/ directory of your HP-UX system.

For information on configuring syslog-ng, see the Chapter 3, Configuring syslog-ng.

Prev  Up  Next
4.3. Installing syslog-ng on Debian-based platforms  Home | Contents  4.5. Uninstalling syslog-ng

© 2007-2010 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com