Version 8, a new major version of Red Hat Enterprise Linux was released this spring. Now that CentOS 8 is also available, there is a rapidly growing interest in syslog-ng running on these platforms. From this blog, you can learn about the availability of the current syslog-ng package and future plans.
Before you begin
Depending on your company’s policies and/or technical requirements, you have several choices about the syslog-ng package to use and there will be even more after the next release. If you do not need Kafka or one of the Java-based destination drivers, the syslog-ng package in EPEL might be your best choice. If you are not afraid of possible bugs and want to experience the latest developments, my git snapshot repository is updated regularly from git. Right now, there is limited choice besides these two packages, but it will change in the near future.
EPEL
Version 3.23.1 of syslog-ng is now available in EPEL 8. EPEL stands for Extra Packages for Enterprise Linux, a repository for RHEL (and CentOS) containing packages not available in RHEL. The packages in the repository are maintained by Fedora package maintainers, not Red Hat, but thanks to their high-quality standards, packages from this repository are often used even by companies, which otherwise do not allow 3rd party repositories.
As you can see, EPEL 8 does not use the latest available syslog-ng version, but the one available at the time EPEL 8 was created. This means that EPEL 8 will likely contain syslog-ng 3.23.1 forever, that is, until EPEL 8 is EoL. There are rumors, however, that once a new RHEL minor version is available, you will be able to upgrade the syslog-ng package in EPEL.
The syslog-ng package in EPEL 8 is missing a few features due to missing dependencies. These include all the Java-based destination drivers (HDFS, Elasticsearch, Kafka). Elasticsearch is now also supported by the HTTP destination of syslog-ng. There is a C-based Kafka destination driver in syslog-ng, but as librdkafka is too old in RHEL, it is also unavailable in EPEL.
You can learn how to enable the EPEL repository for your OS at https://fedoraproject.org/wiki/EPEL
If you do not need any of the missing drivers or latest functionality, this is probably your best choice.
Limited 3.24 test release
At the time syslog-ng 3.24 was released, most of the syslog-ng dependencies were missing from EPEL. So, I built a syslog-ng for RHEL 8 in a separate repository with only minimal features enabled. This build only carries core syslog-ng features and a few extras, like Python support, the HTTP destination (thus also Elasticsearch) and a few more where dependencies were available.
If you need the latest release and do not depend on one of the missing features, you can use these packages. First you need to enable EPEL (some dependencies are coming from there), then also enable this repository: https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng324el8/
Git snapshot packages
Once the missing dependencies were included in EPEL, with just a few changes to the syslog-ng.spec file bundled with syslog-ng sources (RHEL 8 dropped support for TCP wrappers), it was possible to build full featured syslog-ng packages for RHEL 8. My git snapshot repository now includes not just Fedora and RHEL 7, but also RHEL 8 support. Just as with my any other repositories, you need to enable EPEL first for dependencies and then the “EPEL for CentOS 8” repo from https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng-githead/
Besides syslog-ng, the Java-based destination drivers and up-to-date librdkafka are also available from this repository.
Future
As packages for RHEL 8 are now built together with the rest of Fedora / RHEL packages in my git snapshot repository, packaging will be easier from now on. There will not be a separate RHEL 8 specific repository. Once 3.25.1 is available, I will create my usual syslog-ng325 repo. After a few weeks, and if there are no serious problems with the release, I will copy the package to my syslog-ng-stable repository.
If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik.