syslog-ng Premium Edition 7.0.14 - Quick Start Guide

Downloading the Linux installer (server and client)

The following describes how to obtain the syslog-ng Premium Edition installer from MyBalabit.

Prerequisites:

The installers are available at the Downloads page. In addition to the installers, a valid license is required to install the syslog-ng PE server. Contact your sales representative for access and license files.

To obtain the syslog-ng Premium Edition installer

  1. Navigate to DOWNLOAD > SYSLOG-NG PREMIUM EDITION.

  2. Choose the latest available version (6.0.3 is used as an example):

    • Release: 6 LTS

    • Component: syslog-ng Premium Edition

    • Revision: 6.0.3

    • Platform: Linux glibc2.3.6

  3. Click linux glibc2.3.6 amd64 to download syslog-ng-premium-edition-6.0.3-linux-glibc2.3.6-amd64.run.

    The binaries include all required libraries and dependencies of syslog-ng. These components are installed in the /opt/syslog-ng directory.

    The installer can reuse existing configuration and license files, and can also generate a simple configuration during the installation process. The syslog-ng.conf file is generated into the /opt/syslog-ng/etc/ directory during the installation process. If you want to reuse an existing syslog-ng.conf configuration file, the installer will search for it under this directory as well.

    NOTE:

    Existing syslog implementations on Linux systems are replaced during installation.

Downloading the Windows installer (client only)

The following describes how to obtain the syslog-ng Agent for Windows installer from the syslog-ng PE product page on the Support Portal.

Prerequisites:

The installers are available through the syslog-ng PE product page on the Support Portal. In addition to the installers, a valid license is required to install the syslog-ng PE server. Contact your sales representative for access and license files.

To obtain the syslog-ng Agent for Windows installer from the syslog-ng PE product page on the Support Portal

  1. Navigate to the Downloads page.

  2. Choose the latest available version (6.0.3 is used as an example):

    • Release: 6 LTS

    • Component: syslog-ng Agent for Windows

    • Revision: 6.0.3

    • Platform: Windows 2012

  3. Select syslog-ng Agent with MMC snapin (setup) 64/32bit

  4. Download syslog-ng-agent-6.0.3-setup.exe

    Regardless of the path name, the installer contains both the 32-bit and the 64-bit binaries.

  5. Installing the .NET framework

    The installer requires Microsoft .NET framework version 3.5 or 4.0. For further details, see The syslog-ng Agent for Windows Administration Guide.

Installing the syslog-ng PE server on Linux

The following describes how to install syslog-ng Premium Edition in server mode.

Prerequisites:

Running syslog-ng Premium Edition in server mode requires a license file. The license determines how many individual hosts can connect to the server. You can obtain the license from your sales representative.

To install syslog-ng Premium Edition in server mode

  1. Copy the installer and license.txt file to the server.

  2. Execute the following command as root:

    sh syslog-ng-premium-edition-6.0.3-linux-glibc2.3.6-amd64.run

  3. Select Continue on the Welcome screen, and accept the EULA.

  4. Verify that the system summary is correct.

    If incorrect information is displayed, your platform might not be supported. Abort the installation, and if necessary, contact One Identity for support.

  5. Keep the default installation path and register your installation. Existing syslog implementations on the system are replaced.

  6. Provide the full path to the license file (license.txt).

  7. The installer generates a very basic configuration file during the installation process. Answer the installer's questions as follows:

    Question: Remote source: Do you want to receive log messages from the network?
    Answer: Yes

    Question: Remote destination: To forward your log messages to a remote server, enter the address of the server and select OK. Otherwise, select Skip.
    Answer: Skip

    Expected outcome

    The installer stops the previously installed syslog implementation, and starts the syslog-ng PE server.

  8. Validating the installation

    Test local logging:

    1. Issue the following commands as root:

      logger test message

    2. Verify local log with the following command:

      tail /var/log/messages

      Expected outcome

      The test message line is displayed in the log.

Installing the syslog-ng PE client on Linux

The following describes how to install syslog-ng Premium Edition in client mode.

Prerequisites:

No license file is required to run syslog-ng PE in client mode.

To install syslog-ng Premium Edition in client mode

  1. Execute the following command as root:

    sh syslog-ng-premium-edition-6.0.3-linux-glibc2.3.6-amd64.run

  2. Select Continue on the Welcome screen, and accept the EULA.

  3. Verify that the system summary is correct.

    If incorrect information is displayed, your platform might not be supported. Abort the installation, and if necessary, contact One Identity for support.

  4. Keep the default installation path and register your installation. Existing syslog implementations on the system are replaced.

  5. The installer generates a very basic configuration file during the installation process. Answer the installer's questions as follows:

    Question: Remote source: Do you want to receive log messages from the network?
    Answer: No

    Question: Remote destination: To forward your log messages to a remote server, enter the address of the server and select OK. Otherwise, select Skip.
    Answer: <IP-address-of-destination-syslog-ng PE-server>

    Expected outcome

    The installer stops the previously installed syslog implementation, and starts the syslog-ng PE server.

  6. Validating the installation

    1. Test local logging. Issue the following commands as root:

      logger test message

    2. Verify local log with the following command:

      tail /var/log/messages

      Expected outcome

      The test message line is displayed in the log.

    3. Test remote logging. On the client machine, enter the following command:

      logger remote test message

    4. Verify the server log. On the syslog-ng PE server, enter:

      tail /var/log/messages

      Expected outcome

      The host name of the client machine and the message text remote test message are displayed in the log.

    Troubleshooting

    If messages are not forwarded from the client to the server, check if port 514 is blocked by a firewall (protected by default on most Linux servers).
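
The validation steps in the server and client procedures above can be scripted so that the result does not depend on spotting a line in tail output, and so that an older "test message" line cannot be mistaken for a new one. The following is an added example, not part of the original guide; the function names, the marker format, and the assumed "date host program: message" log line layout are assumptions.

```sh
#!/bin/sh
# Added example: scripted form of the guide's "logger" / "tail" validation.
# LOG_FILE defaults to the file the guide tails.
LOG_FILE="${LOG_FILE:-/var/log/messages}"

# Build a unique token so an older "test message" line cannot give a false pass.
new_marker() {
    printf 'sngpe-check-%s-%s' "$(date +%s)" "$$"
}

# wait_for_marker FILE MARKER [TIMEOUT_SECONDS]
# Returns 0 once a line containing MARKER is in FILE, 1 if the timeout passes.
wait_for_marker() {
    file=$1 marker=$2 timeout=${3:-10}
    elapsed=0
    while [ "$elapsed" -le "$timeout" ]; do
        if [ -r "$file" ] && grep -F -q -- "$marker" "$file"; then
            return 0
        fi
        sleep 1
        elapsed=$((elapsed + 1))
    done
    return 1
}

# marker_host FILE MARKER
# Prints the host field of the newest matching line. Assumes the
# "Mon DD HH:MM:SS host program: message" layout (an assumption).
marker_host() {
    grep -F -- "$2" "$1" | tail -n 1 | awk '{print $4}'
}

# Usage: "send" on the machine that logs, "check MARKER" where the log is stored.
case "${1:-}" in
    send)
        m=$(new_marker)
        logger "remote test message $m"
        echo "$m" ;;
    check)
        wait_for_marker "$LOG_FILE" "$2" 15 && marker_host "$LOG_FILE" "$2" ;;
esac
```

If send succeeds on the client but check times out on the server, the message never arrived, which is the case the Troubleshooting note about port 514 covers.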
