Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've checked at balabit.com and their site indicates that its supported up to RHEL 6. I've got a shiny new RHEL7 server and I don't want to go back to 6 but it looks like its going to be necessary.
I've configured it and it loads, but it doesn't actually write anything to disk. running in debug mode in the foreground it acts as if its not receiving any input at all.
SELINUX disabled.
Not asking for help to get it configured but has anyone been able to do this?
Many thanks to my sysadmin bretheren out there. I hope your day is filled with uptime and lots of Community Coffee (yes, a shameless plug, no I don't work for them...).
Ok, so I'm going to give it one last go with RHEL 7. I really wanted to compile and use it that way. i'm going To try out the link provided for Fedora.
And I have to give some credit to everyone on the thread because they led me to different research paths to the answer.
The fix:
1. Download the latest (I used today's latest stable) version of syslog-ng.
2. Download the latest event program also from balabit.com.
3. Extract the event program, ./configure; make; make install - it worked well with a default program.
4. export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig (this presumes you have run ./configure with defaults on RHEL7).
5. Extract the syslog-ng program.
********* --- VIP --->6. ./configure --enable-linux-caps;make;make install
7. syslog-ng.conf: configure this with your stuff. Use the udp() driver for selecting network sourced data.
8. Turn off or configure the firewall which is on by default.
9. ? turn off SE Linux (I typically do this anyway) or configure it to allow the program.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
