Support Logging setup

                    Syslog-ng Installation

                    Syslog-ng Installation

                    syslog-ng can be used to collect local syslog messages & monitor log files on your servers and then forward them to Loggly.

                    syslog-ng OSE is an open source alternative to the standard syslog daemon that's commonly found on UNIX and UNIX-like (*nix) systems. It uses the basic syslog protocol, but extends it with content-based filtering, flexible configuration options and adds important features, such as using TCP (as well as TLS), which is much more reliable than UDP. syslog-ng OSE is developed by Balabit. Great documentation for advanced configuration is available on their web site, but we'll share a standard config here.


                    Using a Package Manager

                    Depending on your Linux distribution you can use yum or APT (do this with root or sudo privileges):

                    # apt-get install syslog-ng

                    You will most likely need to enable Extra Packages for Enterprise Linux (EPEL)

                    # yum install syslog-ng

                    Configure either using our Configure-syslog script or manually.

                    Compiling From Source

                    Download syslog-ng source code & eventlog source code. Install both eventlog & syslog-ng. Eventlog is a generic event logging library developed by Balabit. Once you've unzipped both packages (evenlog_x.x.xx.tar.gz & syslog-ng-x.xx.tar.gz), do this in each of those directories:

                    $ ./configure
                    $ make
                    $ sudo make install

                    Configure either using our Configure-syslog script or manually.

                    On Amazon EC2

                    The Amazon EC2 Linux distribution includes rsyslog by default. First you must remove rsyslog. Use rpm instead of yum so you keep the dependencies you need to access the machine. Enable the epel repo because it’s not enabled by default. Also grab the syslog-ng-libdbi dependency because it’s not pulled by yum automatically.

                    sudo rpm -e --nodeps rsyslog
                    sudo yum install --enablerepo=epel syslog-ng
                    sudo yum install --enablerepo=epel syslog-ng-libdbi
                    sudo /etc/init.d/syslog-ng start

                    Configure either using our Configure-syslog script or manually.

                    Check your syslog-ng version

                    You'll need to know which version of syslog-ng you've got installed. We recommend running on the latest, but at least version 3.2 for best results.

                    $ syslog-ng -V
                    Thanks for the feedback! We'll use it to improve our support documentation.