?
Solved

syslog-ng on AIX

Posted on 2010-08-27
4
Medium Priority
?
2,471 Views
Last Modified: 2013-11-17
I'd like to install syslog-ng on AIX. HAve any of you done this before? Where is the latest package for AIX? Do I need to compile from source? Any hint.

Thanks
0
Comment
Question by:sminfo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 2000 total points
ID: 33539836
Hello again,
yes I did it, and it works well.
The latest package (afaik) is here - http://www.perzl.org/aix/index.php?n=Main.Syslog-ng
It's "only" 3.0.5, but works (well, not out-of-the-box, see below).
Prerequisites are glib2, gettext, bzip2, readline, eventlog and pcre, all available at the above site.
Be careful with gettext! It contains libintl.a, which is very touchy regarding its versions. But if you don't have installed it yet, no problem.
openssl is also a prerequisite, and that's a bit tricky, because openssl is now shipped with AIX, and versions do not always match.
You need 0.9.8 or higher, please check with "lslpp -l | grep openssl".
As for the source version -
syslog-ng's newest stable version is 3.1.2.
Compiling it from source is possible, of course. You will need the GNU compiler collection (gcc), and gmake for that. You can get it from perzl.org too (see above).
Once you installed syslog-ng and try to run it, don't forget to disable AIXs own syslog (disable it in /etc/rc.tcpip).
I'd suggest to download all rpms, to start installing the prerequisites, then syslog-ng, and to see how far you get. If there are issues during the above, please tell me, I will assist you.
wmp
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 2000 total points
ID: 33540003
Some hints -
- If you do have gettext (and thus libintl.a), but in a wrong version, please tell me the details before over-installing something. I'd like to check it beforehand.
- If the syslog-ng installation complains about missing openssl although it's present (check with lslpp) you can install syslog-ng ignoring this dependency (use the "--nodeps" flag) - but only if openssl is actually 0.9.8 or better and if it's the only missing dependency!
- Before installing syslog-ng via rpm create the directories /var/lib/syslog-ng and, if it doesn't exist yet /var/log. For some reason the installer doesn't do that on its own.
- syslog-ng can be started with "startsrc -s syslogng" and it will run, but the subsystem will show up as "inoperative" with "lssrc -a", and that's the reason why you can't stop it with "stopsrc -s syslogng". I'm still researching on this.If you need to stop it in an automated way use the PID stored in /etc/syslog-ng.pid (kill $(cat /etc/syslog-ng.pid).
Good luck!
 wmp
0
 

Author Closing Comment

by:sminfo
ID: 33540115
Nice wmp, finally I installed it on a server.. but, can you give me a basic syslog-ng.conf file? Or the default syslog-ng.conf works fine? How can I configure it to send *.* to an external server?
Which is best syslogd or syslog-ng on AIX? Pros, Cons.


Thanks indeed.
regards
Israel.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 33540263
Congrats!
I once had a similar case here at EE where I posted a config - http://www.experts-exchange.com/OS/Unix/Q_23886277.html
The relevant parts for sending to an external server -
source s_local { unix-dgram("/dev/log"); };
destination d_loghost   { tcp("123.123.123.123" port(514)); };
log { source(s_local); destination(d_loghost); };

The only Con - syslog-ng is not part of AIX. There might be major changes in AIX in the future which syslog-ng wouldn't reflect. Maybe you would have to wait until the syslog-ng developers react upon those changes an update their product. But since syslogging is pretty much standard I hope this will not really happen.
It doesn't come with AIX, so for every new machine (if you don't clone) you must install it anew.
Pro - the filters! It's a very nice thing to be able to spread messages based on various criteria across several distinct logfiles, whose names may contain variables, such as $HOST.  Criteria can even consist of strings found in the content of the message ("match ..."), so you can accept/reject/distribute those messages very fine-grained. There is "and", "or", "not" to logically combine criteria as well. You can even send your messages to different loghosts based on those  criteria.
Also, setting owner/group/permissions of the logfiles is a good thing.
Thx for the points, and have a nice weekend, if there are no more questions to ask today  :-)
¡Salud!
wmp
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question