Building Syslog-NG 2.0.9 on Solaris 10
Source Build
tested on x86 and sparc
take one 5/08 solaris release (I used SUNWXall cluster)
sparc .profile
-bash-3.00$ cat .profile
echo ".profile"
PATH=/usr/sfw/bin:/usr/ccs/bin:/opt/sfw/bin/:/usr/bin:/usr/ucb:/usr/sbin:/usr/local/bin::
CFLAGS="-O3 -pipe -mcpu=v9 -mtune=ultrasparc"
export PATH CFLAGS
for .x86 remove the -mcpu and -mtune flags
add :
LINK : http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/syslog-ng-2.0.9.tar.gz
LINK : http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/eventlog-0.2.7.tar.gz
build eventlog first:
using the normal configure , make , make install cycle
now export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
now build syslog-ng
I had to use the --enable-dynamic-linking flag to the configure command
now run a make , it will fail with a yylex missing smbol error on the loggen module
now edit the tests/loggen/Makefile and look for -lfl and -lwarp and remove them (i did not want tcp wrappers anyway)
rerun make and all will build
SMF integration
create /lib/svc/method/svc-syslog-ng
#!/bin/sh
. /lib/svc/share/smf_include.sh
# Start processes required for syslog-ng
if [ -x /usr/local/sbin/syslog-ng ]; then
/usr/local/sbin/syslog-ng
else
exit $SMF_EXIT_ERR_CONFIG
fi
exit $SMF_EXIT_OK
now create /var/svc/manifest/site/syslog-nt.xml
<?xml version="1.0"?><!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type='manifest' name='syslog-ng'>
<service name='site/syslog-ng' type='service' version='1'>
<create_default_instance enabled='false' />
<single_instance/>
<dependency
name='milestone'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/milestone/sysconfig' />
</dependency>
<dependency
name='filesystem'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/system/filesystem/local' />
</dependency>
<dependency
name='autofs'
grouping='optional_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/system/filesystem/autofs' />
</dependency>
<dependency
name='name-services'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/milestone/name-services' />
</dependency>
<dependent
name='syslog-ng_single-user'
grouping='optional_all'
restart_on='none'>
<service_fmri value='svc:/milestone/multi-user' />
</dependent>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/svc-syslog-ng'
timeout_seconds='60' />
<exec_method
type='method'
name='stop'
exec=':kill'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
exec=':kill -HUP'
timeout_seconds='60' />
<property_group name='general' type='framework'>
<!-- to start stop syslog daemon -->
<propval name='action_authorization' type='astring'
value='solaris.smf.manage.syslog-ng' />
</property_group>
<stability value='Unstable' />
<template>
<common_name>
<loctext xml:lang='C'> syslog-ng
</loctext>
</common_name>
<documentation>
<manpage title='syslog-ng' section='1M'
manpath='/usr/local/man' />
</documentation>
</template>
</service>
</service_bundle>
Now import into the svc
svccfg import syslog-ng.xml
and start
svcadm enable syslog-ng
mysql logging
Pay money for the mysql support in syslog-ng ... i dont think so!
add to syslog-ng.conf
destination d_mysql {
program("//opt/coolstack/mysql/bin/mysql -usyslogadmin -padm_muppet syslog"
template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));
};
#mysql destination
log {
source(s_all); filter(f_debug);
destination(d_mysql);
};
Php-syslog-ng
wip