Mac support is a returning question among syslog-ng users, especially when I talk to users in the US. For recent releases, each commit is automatically tested on macOS, on the other hand there is not much information available on Mac support. Recently I bought a MacBook to be able to test syslog-ng and to document how to use it. Here are my first experiences and some future plans.

A bit of history

Once upon a time syslog-ng was created with portability in mind. It was running on Linux, BSD variants, Solaris, True64, HP-UX and more. This also meant that syslog-ng ran on macOS after a few minor modifications.

For many years, syslog-ng was available through the Homebrew project, but it was removed once a macOS related compatibility problem was introduced through a dependency (macOS is case insensitive and ivykis had file names with the same spelling but different capitalization). A fixed ivykis is already in Homebrew, but syslog-ng itself is not (yet).

Pkgsrc, which is a package collection maintained by NetBSD and it also supports macOS, includes a port of syslog-ng. It was regularly updated up until about a year ago, but not recently.

Getting started

The best-known package collection for macOS is called Homebrew. The syslog-ng git book has a chapter on Mac support, which shows how to compile syslog-ng for macOS using dependencies from Homebrew: https://syslog-ng.gitbooks.io/getting-started/content/chapters/chapter_0/section_3.html

These instructions compile syslog-ng with only core features. Personally, I used to configure with the following options:

./configure --with-ivykis=system --disable-java --with-python=3.7

This uses ivykis from the system as installed by Homebrew, disables Java support (compile fails, if enabled) and uses Python 3.7 when compiling syslog-ng. Other features are enabled automatically if dependencies are found for it. As far as I could see, only libesmtp is missing from Homebrew.

I used the latest git snapshot for compilation. With all features enabled, the output from “syslog-ng -V” is:

Peters-MacBook-Pro:~ czanik$ /usr/local/sbin/syslog-ng -V
syslog-ng 3 (3.25.1.13.g4bb49e4)
Config version: 3.25
Installer-Version: 3.25.1.13.g4bb49e4
Revision:
Compile-Date: Dec 17 2019 13:03:07
Module-Directory: /usr/local/lib/syslog-ng
Module-Path: /usr/local/lib/syslog-ng
Include-Path: /usr/local/share/syslog-ng/include
Available-Modules: timestamp,kvformat,redis,riemann,afamqp,appmodel,afprog,examples,cef,map-value-pairs,kafka,stardate,system-source,confgen,afuser,xml,disk-buffer,tfgetent,linux-kmsg-format,dbparser,snmptrapd-parser,json-plugin,add-contextual-data,pseudofile,affile,csvparser,basicfuncs,syslogformat,hook-commands,afmongodb,graphite,snmpdest,tags-parser,geoip2-plugin,afstomp,http,afsql,mod-python,afsocket,cryptofuncs
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: off
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off
Enable-Systemd: off

When you try to start syslog-ng with the bundled configuration, it does not start. The reason is, that the system() source does not yet know about macOS. And even if it knew about it, there are no good defaults, as syslog-ng cannot collect local macOS logs directly (yet). There are multiple workarounds for this, like using a network source or reading log files.

Future plans

As you can see, I am still at the beginning of my journey with syslog-ng on Mac. The first and most important step were done by my colleagues: that syslog-ng compiles and runs on Mac. Here are a few possible next steps:

  • document how to collect local logs (most likely different solutions)

  • create a package for Homebrew

  • update the Pkgsrc package

  • check how syslog-ng can be started automagically as service

I do not have a definite road map for this, as I am a newbie on the Mac and most of it is done in my free time. Still, any questions, suggestion or help are very welcome!

If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik.

Anonymous
Related Content