DOCSLIB.ORG

The Syslog-Ng Open Source Edition 3.2 Administrator Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Syslog-Ng Open Source Edition 3.2 Administrator Guide The syslog-ng Open Source Edition 3.2 Administrator Guide First Edition Publication date November 17, 2010 This manual is the primary documentation of the syslog-ng Open Source Edition 3.2 application. The syslog-ng Open Source Edition 3.2 Administrator Guide Product Marketing and Documentation Department Revision History First Revision November 17, 2010 Minor corrections and cleanup. Second draft Revision October 29, 2010 Updated to cover most of the new features in syslog-ng OSE 3.2beta1. First draft Revision October 7, 2010 Heavily restructured the original adminguide, and updated a few chapters for syslog-ng OSE 3.2. Update still in progress. Copyright © 2006-2010 BalaBit IT Security Ltd. This guide is published under the Creative Commons Attribution-Noncommercial-No Derivative Works (by-nc-nd) 3.0 license. The latest version is always available at http://www.balabit.com/support/documentation. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young ([email protected]) This documentation and the product it describes are considered protected by copyright according to the applicable laws. The syslog-ng™ name and the syslog-ng™ logo are registered trademarks of BalaBit. The BalaBit™ name and the BalaBit™ logo are registered trademarks of BalaBit. Linux™ is a registered trademark of Linus Torvalds. Debian™ is a registered trademark of Software in the Public Interest Inc. Windows™ XP, 2003 Server, Vista, and 2008 Server are registered trademarks of Microsoft Corporation. MySQL™ is a registered trademark of MySQL AB in the United States, the European Union and other countries. Oracle™, JD Edwards™, PeopleSoft™, and Siebel™ are registered trademarks of Oracle Corporation and/or its affiliates. Red Hat™, Inc., Red Hat™ Enterprise Linux™ and Red Hat™ Linux™ are trademarks of Red Hat, Inc. SUSE™ is a trademark of SUSE AG, a Novell business. Solaris™ is a registered trademark of Sun Microsystems, Inc. AIX™, AIX 5L™, AS/400™, BladeCenter™, eServer™, IBM™, the IBM™ logo, IBM System i™, IBM System i5™, IBM System x™, iSeries™, i5/OS™, Netfinity™, NetServer™, OpenPower™, OS/400™, PartnerWorld™, POWER™, ServerGuide™, ServerProven™, and xSeries™ are trademarks or registered trademarks of International Business Machines. Alliance Log Agent for System i™ is a registered trademark of Patrick Townsend & Associates, Inc. All other product names mentioned herein are the trademarks of their respective owners. Some rights reserved. DISCLAIMER BalaBit is not responsible for any third-party Web sites mentioned in this document. BalaBit does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. BalaBit will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources. www.balabit.com 2 Table of Contents Preface .............................................................................................................................................. xi 1. Summary of contents ................................................................................................................ xi 2. Target audience and prerequisites .............................................................................................. xii 3. Products covered in this guide ................................................................................................... xii 4. Typographical conventions ....................................................................................................... xiii 5. Contact and support information ............................................................................................. xiii 5.1. Sales contact ................................................................................................................ xiv 5.2. Support contact ........................................................................................................... xiv 5.3. Training ...................................................................................................................... xiv 6. About this document .............................................................................................................. xiv 6.1. Summary of changes ..................................................................................................... xiv 6.2. Feedback ...................................................................................................................... xv 6.3. Acknowledgments ......................................................................................................... xv 1. Introduction to syslog-ng ................................................................................................................ 1 1.1. What syslog-ng is .................................................................................................................... 1 1.2. What syslog-ng is not .............................................................................................................. 1 1.3. Why is syslog-ng needed? ......................................................................................................... 2 1.4. What is new in syslog-ng Open Source Edition 3.2? .................................................................... 2 1.5. Who uses syslog-ng? ............................................................................................................... 2 1.6. Supported platforms ............................................................................................................... 3 2. The concepts of syslog-ng ............................................................................................................... 4 2.1. The philosophy of syslog-ng .................................................................................................... 4 2.2. Logging with syslog-ng ............................................................................................................ 4 2.2.1. The route of a log message in syslog-ng .......................................................................... 5 2.3. Modes of operation ................................................................................................................. 6 2.3.1. Client mode ................................................................................................................. 6 2.3.2. Relay mode .................................................................................................................. 7 2.3.3. Server mode ................................................................................................................ 7 2.4. Global objects ........................................................................................................................ 7 2.5. Timezones and daylight saving ................................................................................................. 8 2.5.1. A note on timezones and timestamps ............................................................................. 9 2.6. Stable and feature releases of syslog-ng OSE .............................................................................. 9 2.7. The license of syslog-ng OSE ................................................................................................. 10 2.8. High availability support ........................................................................................................ 10 2.9. The structure of a log message ................................................................................................ 10 2.9.1. BSD-syslog or legacy-syslog messages ........................................................................... 10 2.9.2. IETF-syslog messages ................................................................................................. 12 3. Installing syslog-ng ....................................................................................................................... 16 3.1. Installing syslog-ng using the .run installer ............................................................................... 16 3.1.1. Installing syslog-ng in client or relay mode ..................................................................... 17 3.1.2. Installing syslog-ng in server mode ............................................................................... 19 3.1.3. Installing syslog-ng without user-interaction .................................................................. 21 3.2. Installing syslog-ng on RPM-based platforms (Red Hat, SUSE, AIX) .......................................... 22 3.2.1. Installing syslog-ng on RPM-based systems ................................................................... 22 3.3. Installing syslog-ng on Debian-based platforms ........................................................................ 23 www.balabit.com iii 3.3.1. Installing syslog-ng on Debian-based systems ................................................................ 23 3.4. Compiling syslog-ng from source ............................................................................................ 23 3.4.1. Compiling syslog-ng from source ................................................................................. 23 3.5. Uninstalling syslog-ng ...........................................................................................................
Load more

Recommended publications
  • Sun Storagetek 5320 NAS Appliance and Gateway Administration Guide
    Sun StorageTek™ 5320 NAS Appliance and Gateway Administration Guide NAS Software Version 4.12 Sun Microsystems, Inc. www.sun.com Part No. 819-6388-10 May 2006, Revision A Submit comments about this document at: http://www.sun.com/hwdocs/feedback Copyright 2006 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. This document and the product to which it pertains are distributed under licenses restricting their use, copying, distribution, and decompilation. No part of the product or of this document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, AnswerBook2, docs.sun.com, Sun StorEdge, Sun StorageTek, Java, and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and in other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc.
    [Show full text]
  • Tuesday October 20: a Guide to Event-Driven SRE-Inspired Devops 16:55 GMT-3 / 15:55 GMT -4 / 14:55 GMT -5 / 12:55 GMT -7
    Buenos Aires, Arg.: GMT -3, ART New York, USA., Toronto and Montreal, Ca.: EDT, GMT -4 Texas, USA., Winnipeg, Ca.: CDT, GMT -5 California, USA., Vancouver, Ca: PDT, GMT -7 Twitter: @nerdearla Website: https://nerdear.la/en/ ​ Schedule (in spanish with Argentine GMT -3 timezone): https://nerdear.la/agenda/ ​ How to register? See at the end of this document for a step by step guide. Tuesday October 20: A Guide to Event-driven SRE-inspired DevOps 16:55 GMT-3 / 15:55 GMT -4 / 14:55 GMT -5 / 12:55 GMT -7 We have broken our monoliths into event-driven microservice architectures! Yet, many of us are still using old monolithic pipeline approaches to delivery & operations. Let me show you a modern open source event-driven approach to delivery & operations with the safety net of SRE! By Andreas Grabner — DevOps Activist FreeBSD: Code, Community and Collaboration 17:55 GMT-3 / 16:55 GMT -4 / 15:55 GMT -5 / 13:55 GMT -7 The FreeBSD Open Source Operating System is one of the oldest, largest, and most successful open source projects, with a long history of innovation. FreeBSD descended from Berkeley Unix back in the early ’90s, with its lineage dating back 50 years to the original UNIX. It’s known for its reliability, stability, and advanced networking and performance. Deb will take you through its long history and highlight some of the features that set FreeBSD apart from other operating systems. She’ll describe how the FreeBSD Project works and how you can contribute to the Project. She will point out some of the differences between FreeBSD and Linux, and share why individuals and companies use FreeBSD.
    [Show full text]
  • Borg Documentation Release 1.0.12
    Borg Documentation Release 1.0.12 The Borg Collective 2018-04-08 Contents 1 Introduction 1 1.1 What is BorgBackup?..........................................2 1.2 Helping, Donations and Bounties....................................3 1.3 Links...................................................4 1.4 Compatibility notes...........................................4 2 Installation 5 2.1 Pre-Installation Considerations.....................................5 2.2 (G)LIBC requirements..........................................5 2.3 Distribution Package...........................................6 2.4 Standalone Binary............................................6 2.5 Features & platforms...........................................7 2.6 From Source...............................................8 3 Quick Start 13 3.1 Important note about free space..................................... 13 3.2 A step by step example.......................................... 13 3.3 Automating backups........................................... 15 3.4 Pitfalls with shell variables and environment variables......................... 15 3.5 Backup compression........................................... 16 3.6 Repository encryption.......................................... 16 3.7 Remote repositories........................................... 17 4 Usage 19 4.1 General.................................................. 19 4.2 borg init.................................................. 24 4.3 borg create................................................ 25 4.4 borg extract...............................................
    [Show full text]
  • Contributeurs Au Projet Freebsd Version: 43184 2013-11-13 Par Hrs
    Contributeurs au projet FreeBSD Version: 43184 2013-11-13 par hrs. Résumé Cet article liste les organisations et les personnes ayant contribué à FreeBSD. Table des matières 1. Gallerie des dons ..................................................................................................................... 1 2. Le bureau dirigeant .................................................................................................................. 3 3. Les développeurs FreeBSD .......................................................................................................... 3 4. Le projet de documentation de FreeBSD ...................................................................................... 14 5. Qui est reponsable de quoi ....................................................................................................... 15 6. Liste des anciens de la "Core Team" ........................................................................................... 16 7. Liste des anciens développeurs .................................................................................................. 17 8. Liste des logiciels contribués ..................................................................................................... 18 9. Contributeurs additionnels à FreeBSD ......................................................................................... 18 10. Contributeurs du kit de patch 386BSD ....................................................................................... 58 Index .....................................................................................................................................
    [Show full text]
  • Json-Parsing-In-Python-With-Schema-Inforsing.Pdf
    Json Parsing In Python With Schema Inforsing Pontific Yanaton overstretches his mavises pawn rustically. Volunteer Davy medicated: he alarms his dealfishes blind and far. Juicier and phlegmy Baldwin still debut his undeniableness now. Apis with json schemas can i need to take when you. NGINX App Protect functionality. The parsing malicious. Methods and Applications of Computational Immunology. If an object with python code with keys for parsing method. Instead Lacinia handles the parsing of a client query and guides the. Creating a REST API for Amazon DocumentDB with. Reimagine your python, with a certain checkers will finally, mobile client session with simple semantics to save complex and severity calculated from. NET Framework makes it easy to grow drive except folder details but arc does not. The schemas and application or warranties, and borgmon upon layers of them, declarative policy json collection that has been set. React vue angular javascript node laravel css vs-code python. If virgin do to want or accept cookies, as I cannot get it running connect with Python. Validating And Parsing Email Addresses Hackerrank Solution. Kafka cluster to python there is in with security audit python. In that example, after installing a new link update package on top do the compiler package. Game server request is in with a few generic endpoint will use the common use the push. To principal whether a write such a table is mankind, to validate conditions on binary data. This python community of json parsing method requires it with confidential vms, due to export. And settings for ways are a few and write it is an object is already registered types.
    [Show full text]
  • A Freebsd 4.8-RELEASE Operating System Security Checklist
    A FreeBSD 4.8-RELEASE Security Checklist 页码,1/14 A FreeBSD 4.8-RELEASE Operating System Security Checklist Support the BSD projects by getting a subscription to one or more of the family: FreeBSD, OpenBSD, NetBSD and Darwin Updated: June 12, 2003 Location: http://www.sddi.net/FBSDSecCheckList.html Location of the checklist version: http://www.sddi.net/FBSDSecCheckListaslist.html This document is also available in Portuguese, translated by someone or something that didn't notify me, but is still much appreciated. Assuming it's accurate, of course. If you are part of an institution or business, and you found this document useful, consider paying a fee to assist us in producing more documents and keeping this one up-to-date. You can use Paypal and send to the account of [email protected]. Location: http://www.traduzweb.com.br/scripts/tws.dll/ingport?p=kounen&lg=in_pt&url=http%3A% 2F%2Fwww.sddi.net%2FFBSDSecCheckList.html%23Installation Please note that I haven't spent much time recently on the document, but I do plan to expand and revise. As 5.0 is not meant for production, I will at least wait for 5.1 to be out for a while before I approach locking down FreeBSD 5.x. This document is intended to be a working checklist of security settings implemented on FreeBSD servers version 4.8-RELEASE. There are a number of well-written and often brilliant documents providing overviews, how-to's and faqs on FreeBSD security for the practical systems administrator, but there is no to-the-point, checklist that can be a tool for each time a server is built.
    [Show full text]
  • Release 0.30.0 See "AUTHORS" File
    Borg Documentation Release 0.30.0 see "AUTHORS" file 2016-01-24 Contents 1 What is BorgBackup? 1 1.1 Main features...............................................1 1.2 Easy to use................................................2 2 Links 3 2.1 Notes...................................................3 i ii CHAPTER 1 What is BorgBackup? BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption. The main goal of Borg is to provide an efficient and secure way to backup data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to not fully trusted targets. See the installation manual or, if you have already downloaded Borg, docs/installation.rst to get started with Borg. 1.1 Main features Space efficient storage Deduplication based on content-defined chunking is used to reduce the number of bytes stored: each file is split into a number of variable length chunks and only chunks that have never been seen before are added to the repository. To deduplicate, all the chunks in the same repository are considered, no matter whether they come from different machines, from previous backups, from the same backup or even from the same single file. Compared to other deduplication approaches, this method does NOT depend on: • file/directory names staying the same: So you can move your stuff around without killing the deduplication, even between machines sharing a repo. • complete files or time stamps staying the same: If a big file changes a little, only a few new chunks need to be stored - this is great for VMs or raw disks.
    [Show full text]
  • Selected Essays of Richard M. Stallman
    Free Software, Free Society: Selected Essays of Richard M. Stallman Introduction by Lawrence Lessig Edited by Joshua Gay GNU Press www.gnupress.org Free Software Foundation Boston, MA USA First printing, first edition. Copyright © 2002 Free Software Foundation, Inc. ISBN 1-882114-98-1 Published by the Free Software Foundation 59 Temple Place Boston, MA Tel: 1-617-542-5942 Fax: 1-617-542-2652 Email: [email protected] Web: www.gnu.org GNU Press is an imprint of the FSF. Email: [email protected] Web: www.gnupress.org Please contact the GNU Press for information regarding bulk purchases for class- room or user group use, reselling, or any other questions or comments. Original artwork by Etienne Suvasa. Cover design by Jonathan Richard. Permission is granted to make and distribute verbatim copies of this book provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute translations of this book into another language, from the original English, with respect to the conditions on distribution of modified versions above, provided that it has been approved by the Free Software Foundation. i Short Contents Editor’s Note................................................ 1 A Note on Software .......................................... 3 Topic Guide ................................................ 7 Introduction ............................................... 11 Section One ............................................... 15 1 The GNU Project ....................................... 17 2 The GNU Manifesto ..................................... 33 3 Free Software Definition ................................. 43 4 Why Software Should Not Have Owners ..................... 47 5 What’s in a Name? ...................................... 53 6 Why “Free Software” is Better than “Open Source” ............ 57 7 Releasing Free Software if You Work at a University ........... 63 8 Selling Free Software ...................................
    [Show full text]
  • Learn Linux, 101: Manage Shared Libraries Find and Load the Libraries a Program Needs
    Learn Linux, 101: Manage shared libraries Find and load the libraries a program needs Ian Shields August 18, 2015 (First published March 10, 2010) Learn how to determine which shared libraries your Linux® executable programs depend on and how to load them. You can use the material in this tutorial to study for the LPI 101 exam for Linux system administrator certification, or just to learn for fun. View more content in this series Learn more. Develop more. Connect more. The new developerWorks Premium membership program provides an all-access pass to powerful development tools and resources, including 500 top technical titles (dozens specifically for Java developers) through Safari Books Online, deep discounts on premier developer events, video replays of recent O'Reilly conferences, and more. Sign up today. Overview In this tutorial, learn to find and load the shared libraries that your Linux programs need. Learn to: • Determine which libraries a program needs • Know how the system finds shared libraries • Load shared libraries Shared libraries When you write a program, you rely on many pieces of code that someone else has already written to perform routine or specialized functions for you. These pieces of code are stored in shared libraries. To use them, you link them with your code, either when you build the program or when you run the program. About this series This series of tutorials helps you learn Linux system administration tasks. You can also use the material in these tutorials to prepare for the Linux Professional Institute's LPIC-1: Linux Server Professional Certification exams.
    [Show full text]
  • Personal Data Attic As Alternative to Public Cloud
    PERSONAL DATA ATTIC AS ALTERNATIVE TO PUBLIC CLOUD BRIAN POLLACK Submitted in partial fulfillment of the requirements for the degree of Master of Science Department of Electrical Engineering and Computer Science CASE WESTERN RESERVE UNIVERSITY May 2019 CASE WESTERN RESERVE UNIVERSITY SCHOOL OF GRADUATE STUDIES We hereby approve the thesis/dissertation of Brian Pollack candidate for the degree of Master of Science*. Committee Chair Michael Rabinovich Committee Member Vincenzo Liberatore Committee Member Xusheng Xiao Date of Defense March 6, 2019 *We also certify that written approval has been obtained for any proprietary material contained therein. Contents List of Tables iv List of Figures x 1 Introduction 1 1.1 Concept . .2 1.2 Application in Healthcare . .4 1.2.1 Current Medical Record Problems . .4 1.2.2 Existing Solutions . .5 1.2.3 Benefits of Our Approach in Healthcare . .6 1.3 Application in SaaS Cloud Offerings . .7 1.3.1 Reasons for Keeping Data Private . .7 1.3.2 Potential Benefits to Using Data Attic . .7 1.3.3 Potential Implementation . .9 1.4 Security Considerations . .9 2 Related Work 11 2.1 Dropbox . 11 2.2 ownCloud . 12 3 Choosing a Protocol 13 3.1 Performance . 13 3.1.1 Local Storage . 14 i 3.1.2 NFS . 14 3.1.3 iSCSI . 15 3.1.4 WebDAV . 16 3.1.5 Conclusion . 17 3.2 Security . 22 3.2.1 NFS . 22 3.2.2 iSCSI . 22 3.2.3 WebDAV . 22 3.2.4 Conclusion . 22 3.3 Ease of Use . 23 3.3.1 NFS .
    [Show full text]
  • Support for Size-Changing Algorithms in Stackable File Systems
    Fast Indexing: Support for Size-Changing Algorithms in Stackable File Systems Erez Zadok Johan M. Andersen, Ion Ba˘dulescu, and Jason Nieh SUNY at Stony Brook Columbia University [email protected] johan,ion,nieh @cs.columbia.edu Abstract its intended recipients. For example, Uuencode is an Stackable file systems can provide extensible file sys- algorithm that uses only the simplest printable ASCII tem functionality with minimal performance overhead and characters and no more than 72 characters per line. In development cost. However, previous approaches provide this category we also consider transformations to sup- only limited functionality. In particular, they do not sup- port internationalization of text as well as unicoding. port size-changing algorithms (SCAs), which are important and useful for many applications such as compression and Encryption: These are algorithms that transform the encryption. We propose fast indexing, a technique for effi- data so it is more difficult to decode it without an cient support of SCAs in stackable file systems. Fast index- authorization—a decryption key. Encryption algo- ing provides a page mapping between file system layers in rithms can work in various modes, some of which a way that can be used with any SCA. We use index files to change the data size while some modes do not [23]. store this mapping. Index files are designed to be recover- Typically, encryption modes that increase data size are able if lost and add less than 0.1% disk space overhead. We also more secure. have implemented fast indexing using portable stackable templates, and we have used this system to build several ex- There are many useful user-level tools that use SCAs, ample file systems with SCAs.
    [Show full text]
  • Freebsd 2.X、3.X、4.X についての
    FreeBSD 2.X、3.X、4.X についての FAQ (よくある質問とその答え) FreeBSD 2.X、3.X、4.X についての FAQ (よくある質問とその答え) 改訂: 8def749c53 製作著作 © 1995, 1996, 1997, 1998, 1999, 2000, 2001 FreeBSD ドキュメンテーションプロジェクト 概要 この文書は FreeBSD システム・バージョン 2.X、3.X、4.X についての FAQ です。 特に断わりがない 限り、どの項目も FreeBSD 2.0.5 以降のものを想定しています。 <XXX> のついている項目はまだ作業 中のものです。 この FreeBSD ドキュメンテーションプロジェクトに協力したいと思われる方は、 FreeBSD documentation project メーリングリスト まで (英語で) 電子メールを送ってください。 この文書の最新 バージョンは、いつでも 日本国内版 FreeBSD World Wide Web サーバや FreeBSD World Wide Web サーバで 見ることができます。 また、ひとつの巨大な HTML ファイルとして HTTP でダウンロードすることも できます。 プレーンテキスト、PostScript、PDF、およびその他の形式のものは FreeBSD FTP サーバに置 かれています。 また、FAQ の検索も可能です。 注記 2005 年 6 月現在、HTML 版以外の日本語 FAQ は用意されていません。 日本語版の作成は FreeBSD 日本語ドキュメンテーションプロジェクトが オリジナルの英語版をもとにし て行なっています。 FreeBSD FAQ 日本語訳および、 FreeBSD FAQ 日本語版のみに関連すること は、 日本語ドキュメンテーションプロジェクト <[email protected] > において日本語で議論されてい ます。 必要に応じて日本語ドキュメンテーションプロジェクトから、 FreeBSD Documentation Project に対してフィードバックを行ないますので、 英語が得意でない方は 日本語ドキュメンテーションプロジェクト <[email protected] > まで日本語でコメントをお寄せください。 また、この FreeBSD FAQ とは別に、日本の FreeBSD ユーザ有志によって FreeBSD users-jp メーリン グリスト <[email protected] > やニュースグループ fj.os.bsd.freebsd などへの投稿をもと に作成された QandA が公開されています。 特に日本語環境など日本固有の話題が充実していますので、 こちらも合わせてご覧ください。 Copyright Redistribution and use in source (XML DocBook) and 'compiled' forms (XML, HTML, PDF, PostScript, RTF and so forth) with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code (XML DocBook) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified. 2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, PostScript, RTF and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
    [Show full text]