1 Syslog-ng
1.1 Library installation
→ libol, libnet, eventlog, pcre
1.1.1 Installing libol-0.3.18
→ libol must be installed before syslog-ng.
<Download>
[root@log:/usr/local/src]#wget http://www.balabit.com/downloads/files/libol/0.3/libol-0.3.18.tar.gz
<Extract>
[root@log:/usr/local/src]#tar xvfz libol-0.3.18.tar.gz
<Install>
[root@log:/usr/local/src/libol-0.3.18]#./configure && make && make install
→ Installed under "/usr/local" by default
1.1.2 Installing libnet
<Download>
[root@log:/usr/local/src]#wget http://www.sfr-fresh.com/unix/privat/libnet-1.1.2.1.tar.gz
<Extract>
[root@log:/usr/local/src]#tar xvfz libnet-1.1.2.1.tar.gz
<Install>
[root@log:/usr/local/src/libnet]#./configure && make && make install
1.1.3 Installing eventlog
<Download>
[root@log:/usr/local/src]#wget http://www.balabit.com/downloads/files/eventlog/0.2/eventlog_0.2.9.tar.gz
<Extract>
[root@log:/usr/local/src]#tar xvfz eventlog_0.2.9.tar.gz
<Install>
[root@log:/usr/local/src/eventlog-0.2.9]#./configure && make && make install
<Set the pkg-config PATH>
[root@log:/usr/local/src/syslog-ng-3.0.5]#export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
1.1.4 Installing pcre
→ pcre was already present, but the syslog-ng build requires version 7.0 or later, so install the latest version.
<Download>
[root@log:/usr/local/src]#wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.7.tar.bz2
<Extract>
[root@log:/usr/local/src]#tar xvfj pcre-7.7.tar.bz2
<Install>
[root@log:/usr/local/src/pcre-7.7]#./configure --prefix=/usr && make && make install
1.2 Installing syslog-ng_3.0.5
<Download>
[root@log:/usr/local/src]#wget http://www.balabit.com/downloads/files/syslog-ng/sources/3.0.5/source/syslog-ng_3.0.5.tar.gz
<Extract>
[root@log:/usr/local/src]#tar xvfz syslog-ng_3.0.5.tar.gz
<Install>
[root@log:/usr/local/src/syslog-ng-3.0.5]# ./configure --enable-ssl --enable-tcp-wrapper --enable-sql --enable-linux-caps --enable-pcre --enable-debug --enable-gprof --enable-memtrace --enable-spoof-source --enable-env-wrapper --with-libnet=/usr &&make && make install
→ Installed under "/usr/local" by default
[Error]
configure: error: Cannot find eventlog version >= 0.2: is pkg-config in path?
- #export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
checking for LIBNET... configure: error: libnet-config not found
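- libnet-1.1.2.1 was compiled and installed above, but configure reports that the libnet-config file cannot be found.
I kept looking for the file, but the libnet install does not install libnet-config.
syslog-ng does not require any particular libnet version, so install it with yum.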
# yum install libnet
[root@log:/usr/local/src/syslog-ng-3.0.5]#find / -name libnet-config
/usr/local/src/libnet/libnet-config
/usr/bin/libnet-config
--with-libnet=/usr/bin/ (the directory in the ./configure option is set to /usr/bin/)
linker flags :
prefix : /usr/local
linking mode : dynamic
Features:
Sun STREAMS support : no
Sun Door support : no
Debug symbols : yes
GCC profiling : yes
Memtrace : yes
IPV6 support : yes
spoof-source support : yes
tcp-wrapper support : yes
SSL support : yes
SQL support : yes
Linux capability support : yes
PCRE support : yes
Env wrapper support : yes
./configure succeeds
<Error>
#make
afsql.c:36:21: error: dbi/dbi.h: No such file or directory
afsql.c:97: error: expected specifier-qualifier-list before 'dbi_conn'
afsql.c:250: error: expected declaration specifiers or '...' before 'dbi_result'
afsql.c: In function 'afsql_dd_run_query':
afsql.c:252: error: 'dbi_result' undeclared (first use in this function)
afsql.c:252: error: (Each undeclared identifier is reported only once
afsql.c:252: error: for each function it appears in.)
afsql.c:252: error: expected ';' before 'db_res'
afsql.c:258: error: 'db_res' undeclared (first use in this function)
afsql.c:258: warning: implicit declaration of function 'dbi_conn_query'
afsql.c:258: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:265: warning: implicit declaration of function 'dbi_conn_error'
afsql.c:265: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:278: error: 'result' undeclared (first use in this function)
afsql.c:281: warning: implicit declaration of function 'dbi_result_free'
afsql.c: In function 'afsql_dd_create_index':
afsql.c:316: error: too many arguments to function 'afsql_dd_run_query'
afsql.c: In function 'afsql_dd_validate_table':
afsql.c:332: error: 'dbi_result' undeclared (first use in this function)
afsql.c:332: error: expected ';' before 'db_res'
afsql.c:338: error: 'AFSqlDestDriver' has no member named 'validated_tables'
afsql.c:343: error: 'db_res' undeclared (first use in this function)
afsql.c:343: error: too many arguments to function 'afsql_dd_run_query'
afsql.c:350: warning: implicit declaration of function 'dbi_result_get_field_idx'
afsql.c:355: error: too many arguments to function 'afsql_dd_run_query'
afsql.c:388: error: too many arguments to function 'afsql_dd_run_query'
afsql.c:408: error: 'AFSqlDestDriver' has no member named 'validated_tables'
afsql.c: In function 'afsql_dd_insert_db':
afsql.c:441: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:445: error: 'AFSqlDestDriver' has no member named 'last_conn_attempt'
afsql.c:449: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:449: warning: implicit declaration of function 'dbi_conn_new'
afsql.c:450: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:452: warning: implicit declaration of function 'dbi_conn_set_option'
afsql.c:452: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:453: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:454: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:455: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:456: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:457: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:460: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:461: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:463: warning: implicit declaration of function 'dbi_conn_connect'
afsql.c:463: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:467: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:477: warning: implicit declaration of function 'dbi_conn_close'
afsql.c:477: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:478: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:479: error: 'AFSqlDestDriver' has no member named 'last_conn_attempt'
afsql.c:553: warning: implicit declaration of function 'dbi_conn_quote_string_copy'
afsql.c:553: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:557: warning: implicit declaration of function 'free'
afsql.c:570: error: too many arguments to function 'afsql_dd_run_query'
afsql.c:574: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:575: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:576: error: 'AFSqlDestDriver' has no member named 'validated_tables'
afsql.c: In function 'afsql_db_thread':
afsql.c:645: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c:646: error: 'AFSqlDestDriver' has no member named 'dbi_ctx'
afsql.c: In function 'afsql_init_db_thread':
afsql.c:706: warning: implicit declaration of function 'dbi_initialize'
afsql.c: In function 'afsql_dd_free':
afsql.c:943: error: 'AFSqlDestDriver' has no member named 'validated_tables'
afsql.c: In function 'afsql_dd_new':
afsql.c:1013: error: 'AFSqlDestDriver' has no member named 'validated_tables'
make[2]: *** [afsql.o] Error 1
make[2]: Leaving directory `/usr/local/src/syslog-ng-3.0.5/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/src/syslog-ng-3.0.5'
make: *** [all] Error 2
The dbi library is missing.
Install it.
#yum install libdbi libdbi-devel
#make && make install
[root@log:/usr/local/sbin]#./syslog-ng
./syslog-ng: error while loading shared libraries: libevtlog.so.0: cannot open shared object file: No such file or directory
[root@log:/usr/local/sbin]#find / -name libevtlog.so
/usr/local/src/eventlog-0.2.9/src/.libs/libevtlog.so
/usr/local/lib/libevtlog.so
[root@log:/usr/local/sbin]#export LD_LIBRARY_PATH=/usr/local/lib
[root@log:/usr/local/sbin]#./syslog-ng
Segmentation fault
[root@log:/usr/local/src/syslog-ng-3.0.4]#./configure --enable-ssl --enable-tcp-wrapper --enable-sql --enable-linux-caps --enable-pcre --enable-gprof --enable-spoof-source --enable-env-wrapper --with-libnet=/usr/bin/
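A preflight check for the build above, added here as an example (it is not part of the original page or of syslog-ng): it tests for the four prerequisites whose absence produced the errors recorded on this page. The function names and the ROOT argument are hypothetical, and the default search directories are assumptions about a typical Linux layout.

```shell
#!/bin/sh
# Added example: prerequisite checks for the syslog-ng 3.0.5 build.
# ROOT (hypothetical parameter) is "" for the live system or a scratch
# directory for a dry run; default search directories are assumptions.

# Succeed if FILE exists in one of the colon-separated DIRS under ROOT.
find_in_dirs() {
    _root=$1 _file=$2 _dirs=$3
    _old_ifs=$IFS
    IFS=:
    for _d in $_dirs; do
        if [ -n "$_d" ] && [ -e "$_root$_d/$_file" ]; then
            IFS=$_old_ifs
            return 0
        fi
    done
    IFS=$_old_ifs
    return 1
}

# need ROOT FILE DIRS HINT: report FILE as missing unless it is found.
need() {
    find_in_dirs "$1" "$2" "$3" && return 0
    echo "MISSING $2: $4"
    return 1
}

# Print one line per absent prerequisite; exit status = number absent.
preflight() {
    _r=$1 _n=0
    # configure: "Cannot find eventlog version >= 0.2: is pkg-config in path?"
    need "$_r" eventlog.pc "${PKG_CONFIG_PATH:-}:/usr/lib/pkgconfig" \
        "add /usr/local/lib/pkgconfig to PKG_CONFIG_PATH" || _n=$((_n + 1))
    # configure: "libnet-config not found" (page passes --with-libnet=/usr/bin/)
    need "$_r" libnet-config /usr/bin \
        "yum install libnet" || _n=$((_n + 1))
    # make: "afsql.c:36:21: error: dbi/dbi.h: No such file or directory"
    need "$_r" dbi/dbi.h /usr/include:/usr/local/include \
        "yum install libdbi libdbi-devel" || _n=$((_n + 1))
    # run time: "libevtlog.so.0: cannot open shared object file"
    # (directories registered through /etc/ld.so.conf are not consulted here)
    need "$_r" libevtlog.so.0 "${LD_LIBRARY_PATH:-}:/lib:/usr/lib:/lib64:/usr/lib64" \
        "export LD_LIBRARY_PATH=/usr/local/lib" || _n=$((_n + 1))
    return "$_n"
}

preflight "" || echo "$? prerequisite(s) missing"
```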