syslog2logan/README.md

87 lines
1.6 KiB
Markdown
Raw Normal View History

2010-02-07 18:11:06 +01:00
Dependencies
============
System
------
* ruby >= 1.9 (tested: 1.9.1, untested: 1.8 (maybe compatible))
2010-03-17 13:27:28 +01:00
* libdb >= 4.7 (tested: 4.7/4.8)
* C-Compiler (tested: gcc 4.4.1)
2010-02-07 18:11:06 +01:00
2010-02-07 18:13:14 +01:00
### Debian/Ubuntu:
2010-02-07 18:11:06 +01:00
# aptitude ruby1.9.1 ruby1.9.1-dev libdb4.7-dev rubygems1.9.1
2010-03-17 13:27:28 +01:00
If you've installed ruby1.8 (yet), you should run ruby1.9.1 instead ruby and
2010-02-07 18:11:06 +01:00
gem1.9.1 instead gem.
Change shebash in s2l.rb to
#!/usr/bin/ruby1.9.1
2010-03-17 13:27:28 +01:00
or
#!/usr/bin/env ruby1.9.1
2010-02-07 18:11:06 +01:00
Ruby Gems
---------
2010-03-17 13:27:28 +01:00
You should install *dk-bdb* manualy:
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
# gem install dk-bdb -- --with-db-dir=/usr --with-db-include=/usr/include
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
Every other dependencies will be installed automaticaly,
if you install syslog2logan via gem.
2010-02-07 18:11:06 +01:00
Install
=======
2010-03-17 13:27:28 +01:00
# gem install syslog2logan
2010-02-07 18:11:06 +01:00
Usage
=====
2010-03-17 13:27:28 +01:00
First you should know, the database environments are in *this* directory,
where you call *s2l.rb*. You must use this directory for logan itself too!
Don't use this directory for anything else.
2010-02-07 18:11:06 +01:00
Start
-----
2010-03-17 13:27:28 +01:00
Simple on Ubuntu:
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
# /var/lib/gems/1.9*/gems/syslog2logan-*/bin/s2l.rb
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
Deamonized:
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
# sh -c 'nohup PATHTO/s2l.rb </dev/null >/dev/null 2>&1 &' &
2010-02-07 18:11:06 +01:00
Use it
------
Your Syslog-server should send everythin via tcp to port 1514.
UDP and TLS aren't possible yet.
If you want to use any of these, you can proxy it via a local syslog-ng.
2010-02-07 18:13:14 +01:00
### syslog-ng
2010-02-07 18:11:06 +01:00
You need these lines:
source s_server {
unix-stream( "/dev/log" max-connections(100));
2010-03-17 13:27:28 +01:00
# internal(); # Statistics about dests. It's unimportant for LogAn.
2010-02-07 18:11:06 +01:00
file( "/proc/kmsg");
};
destination d_server {
tcp( "SyslogServer.example.org" port (1514));
};
log {
source( s_server);
destination( d_server);
};
2010-02-07 18:13:14 +01:00
### rsyslog
2010-02-07 18:11:06 +01:00
2010-03-17 13:27:28 +01:00
I don't know. Please tell me, how to use.