To obtain the syslog-ng Premium Edition installer
-
Navigate to Find Support By One Identity Product > SYSLOG-NG PREMIUM EDITION.
-
Choose the latest available version:
-
Click linux glibc2.11 amd64 to download syslog-ng-premium-edition-7.0.34-linux-glibc2.11-amd64.run.
The binaries include all required libraries and dependencies of syslog-ng. These components are installed in the /opt/syslog-ng directory.
The installer can reuse existing configuration and license files, and also generate a simple configuration during the installation process. The syslog-ng.conf file is generated into the /opt/syslog-ng/etc/ directory during the installatino process. If you want to reuse an existing syslog-ng.conf configuration file, the installer will search for it under this directory as well.
NOTE: Existing syslog implementations on Linux systems are replaced during installation.
To obtain the syslog-ng Agent for Windows installer from the syslog-ng PE product page on the Support Portal
-
Navigate to the Downloads page page.
-
Choose the latest available version (6.0.3 is used as an example):
-
Select syslog-ng Agent with MMC snapin (setup) 64/32bit
-
Download syslog-ng-agent-6.0.3-setup.exe
Regardless of the path name, the installer contains both the 32-bit and the 64-bit binaries.
-
The following describes how to install syslog-ng Premium Edition in server mode.
Prerequisites:
Running syslog-ng Premium Edition in server mode requires a license file. The license determines how many individual hosts can connect to the server. You can obtain the license from your sales representative.
To install syslog-ng Premium Edition in server mode
-
Copy the installer and license.txt file to the server.
-
Execute the following command as root:
sh syslog-ng-premium-edition-7.0.34-linux-glibc2.11-amd64.run
-
Select Continue on the Welcome screen, and accept the EULA.
-
Verify that the system summary is correct.
If false information is displayed, your platform might not be supported. Abort installation, and if necessary, contact One Identity for support.
-
Keep the default installation path and register your installation. Existing syslog implementations on the system are replaced.
-
Provide the full path to the license file (license.txt).
-
The installer generates a very basic configuration file during the installation process. Provide the following answers for the following questions:
Remote source: Do you want to receive log messages from the network? |
Yes |
Remote destination: To forward your log messages to a remote server, enter the address of the server and select OK. Otherwise, select Skip. |
Skip |
Expected outcome
The installer stops the previously installed syslog implementation, and starts the syslog-ng PE server.
-
Validating the installation
Test local logging:
-
Issue the following commands as root:
logger test message
-
Verify local log with the following command:
tail /var/log/messages
Expected outcome
The test message line is displayed in the log.
The following describes how to install syslog-ng Premium Edition in client mode.
Prerequisites:
No license file is required to run syslog-ng PE in client mode.
To install syslog-ng Premium Edition in client mode
-
Execute the following command as root:
sh syslog-ng-premium-edition-7.0.34-linux-glibc2.11-amd64.run
-
Select Continue on the Welcome screen, and accept the EULA.
-
Verify that the system summary is correct.
If false information is displayed, your platform might not be supported. Abort installation, and if necessary, contact One Identity for support.
-
Keep the default installation path and register your installation. Existing syslog implementations on the system are replaced.
-
The installer generates a very basic configuration file during the installation process. Provide the following answers for the following questions:
Remote source: Do you want to receive log messages from the network? |
No |
Remote destination: To forward your log messages to a remote server, enter the address of the server and select OK. Otherwise, select Skip. |
<IP-address-of-destination-syslog-ng PE-server> |
Expected outcome
The installer stops the previously installed syslog implementation, and starts the syslog-ng PE server.
-
Validating the installation
-
Test local logging. Issue the following commands as root:
logger test message
-
Verify local log with the following command:
tail /var/log/messages
Expected outcome
The test message line is displayed in the log.
-
Test remote logging. On the client machine, enter the following command:
logger remote test message
-
Verify the server log. On the syslog-ng PE server, enter:
tail /var/log/messages
Expected outcome
The host name of the client machine and the message text remote test message is displayed in the log.
Troubleshooting
If messages are not forwarded from the client to the server, check if port 514 is blocked by a firewall (protected by default on most Linux servers).