Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

syslog-ng on AIX

Posted on 2010-08-27
4
2,347 Views
Last Modified: 2013-11-17
I'd like to install syslog-ng on AIX. HAve any of you done this before? Where is the latest package for AIX? Do I need to compile from source? Any hint.

Thanks
0
Comment
Question by:sminfo
  • 3
4 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 33539836
Hello again,
yes I did it, and it works well.
The latest package (afaik) is here - http://www.perzl.org/aix/index.php?n=Main.Syslog-ng
It's "only" 3.0.5, but works (well, not out-of-the-box, see below).
Prerequisites are glib2, gettext, bzip2, readline, eventlog and pcre, all available at the above site.
Be careful with gettext! It contains libintl.a, which is very touchy regarding its versions. But if you don't have installed it yet, no problem.
openssl is also a prerequisite, and that's a bit tricky, because openssl is now shipped with AIX, and versions do not always match.
You need 0.9.8 or higher, please check with "lslpp -l | grep openssl".
As for the source version -
syslog-ng's newest stable version is 3.1.2.
Compiling it from source is possible, of course. You will need the GNU compiler collection (gcc), and gmake for that. You can get it from perzl.org too (see above).
Once you installed syslog-ng and try to run it, don't forget to disable AIXs own syslog (disable it in /etc/rc.tcpip).
I'd suggest to download all rpms, to start installing the prerequisites, then syslog-ng, and to see how far you get. If there are issues during the above, please tell me, I will assist you.
wmp
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 33540003
Some hints -
- If you do have gettext (and thus libintl.a), but in a wrong version, please tell me the details before over-installing something. I'd like to check it beforehand.
- If the syslog-ng installation complains about missing openssl although it's present (check with lslpp) you can install syslog-ng ignoring this dependency (use the "--nodeps" flag) - but only if openssl is actually 0.9.8 or better and if it's the only missing dependency!
- Before installing syslog-ng via rpm create the directories /var/lib/syslog-ng and, if it doesn't exist yet /var/log. For some reason the installer doesn't do that on its own.
- syslog-ng can be started with "startsrc -s syslogng" and it will run, but the subsystem will show up as "inoperative" with "lssrc -a", and that's the reason why you can't stop it with "stopsrc -s syslogng". I'm still researching on this.If you need to stop it in an automated way use the PID stored in /etc/syslog-ng.pid (kill $(cat /etc/syslog-ng.pid).
Good luck!
 wmp
0
 

Author Closing Comment

by:sminfo
ID: 33540115
Nice wmp, finally I installed it on a server.. but, can you give me a basic syslog-ng.conf file? Or the default syslog-ng.conf works fine? How can I configure it to send *.* to an external server?
Which is best syslogd or syslog-ng on AIX? Pros, Cons.


Thanks indeed.
regards
Israel.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 33540263
Congrats!
I once had a similar case here at EE where I posted a config - http://www.experts-exchange.com/OS/Unix/Q_23886277.html
The relevant parts for sending to an external server -
source s_local { unix-dgram("/dev/log"); };
destination d_loghost   { tcp("123.123.123.123" port(514)); };
log { source(s_local); destination(d_loghost); };

The only Con - syslog-ng is not part of AIX. There might be major changes in AIX in the future which syslog-ng wouldn't reflect. Maybe you would have to wait until the syslog-ng developers react upon those changes an update their product. But since syslogging is pretty much standard I hope this will not really happen.
It doesn't come with AIX, so for every new machine (if you don't clone) you must install it anew.
Pro - the filters! It's a very nice thing to be able to spread messages based on various criteria across several distinct logfiles, whose names may contain variables, such as $HOST.  Criteria can even consist of strings found in the content of the message ("match ..."), so you can accept/reject/distribute those messages very fine-grained. There is "and", "or", "not" to logically combine criteria as well. You can even send your messages to different loghosts based on those  criteria.
Also, setting owner/group/permissions of the logfiles is a good thing.
Thx for the points, and have a nice weekend, if there are no more questions to ask today  :-)
¡Salud!
wmp
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question