After more than a year, the latest version of syslog-ng compiles again on Red Hat Enterprise Linux version 6. This is thanks to a patch from Balázs Scheidler which resolves compatibility problems with older glib releases by implementing the missing functions within syslog-ng. As someone living on the edge I consider RHEL 6 ancient (even sometimes RHEL 7), but this release is still in wide use. This is the last RHEL release without systemd and also forms the base of Amazon’s Linux AMI running millions of instances. RHEL 6 is supported by Red Hat almost until the end of 2020.
By the time of this writing the latest version of syslog-ng is 3.13.2. Some bugs were found only after release, fixes for those were added to the 3.13 stable branch on github: https://github.com/balabit/syslog-ng/tree/3.13/master Instead of the official release tgz I used this git branch, added the compatibility patch on top of this and generated a new release tgz from these sources. Along the way I also added the necessary dependencies to the source rpm to enable GeoIP2 support.
Installation
My unofficial 3.13 packages are available at https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng313epel6/ While it is possible to download files using a browser (I met quite a few people doing so), I would rather recommend using a package manager. The following steps help you to configure the package manager and install syslog-ng:
- Depending on whether you have RHEL or CentOS 6, do the following:
- On RHEL: Enable the so-called “optional” repository , which contains a number of packages that are required to start syslog-ng.
- On CentOS: The content of this repo is included CentOS, so you do not have to enable it there separately.
- The Extra Packages for Enterprise Linux (EPEL) repository contains many useful packages, which are not included in RHEL. A few dependencies of syslog-ng are available this repo. You can enable it by downloading and installing an RPM package:
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm rpm -Uvh epel-release-latest-6.noarch.rpm
- Add the repo containing the latest unofficial build of syslog-ng. By the time of writing it is syslog-ng 3.13 and it is available on the Copr build service. Download the repo file to /etc/yum.repos.d/, so you can install and enable syslog-ng:
cd /etc/yum.repos.d/ wget https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng313epel6/repo/epel-6/czanik-syslog-ng313epel6-epel-6.repo yum install syslog-ng
Add any further sub-packages you need, for example geoip if you want to figure out geo-location from IP addresses.
- It is not strictly required, but you can avoid some confusion, if you also delete rsyslog at the same time:
yum erase rsyslog