In this guide, we’ll walk you through the process of installing Syslog-NG on your Ubuntu or any other Debian-based Linux distribution. Syslog-NG is a powerful logging and event management tool used widely in cybersecurity and system administration. Follow these steps to get it up and running on your system.
Installation Process
1. Download and Import Syslog-NG Release Key
First, we need to download the Syslog-NG release key and add it to our system’s keyring. Open your terminal and execute the following command:
wget -qO - https://ose-repo.syslog-ng.com/apt/syslog-ng-ose-pub.asc | sudo apt-key add -
2. Add the Syslog-NG Repository
Now, let’s add the official Syslog-NG repository to your system. However, before adding the repository, you must determine your specific distribution’s codename. You can find your distribution’s codename by running the following command:
lsb_release -c
For example, if your Ubuntu installation’s codename is jammy, use the following command to add the repository (replace jammy with your actual codename; for Debian, the prefix would be debian-):
echo "deb https://ose-repo.syslog-ng.com/apt/ stable ubuntu-jammy" | sudo tee -a /etc/apt/sources.list.d/syslog-ng-ose.list
3. Update the Package List
To ensure that you have the latest package information, update the package list with the following command:
sudo apt-get update
4. Install Syslog-NG Packages
With the package list updated, we can now install the necessary Syslog-NG packages:
sudo apt-get install syslog-ng-core syslog-ng-scl
5. Verify Syslog-NG Installation
Syslog-NG is now installed on your system. To verify the installation and check if the service is running properly, run the following command:
systemctl status syslog-ng
This command should display the current status of the Syslog-NG service.
Next Steps
- Check out this article for a Syslog-NG config guide to get you started: How to Make a Syslog-NG Config with Examples
- Check out this article for a quick guide of automatically deleting old logs Syslog-NG is caching: How to Delete Old Logs Automatically When Using Syslog-NG
References
Congratulations, you’ve successfully installed Syslog-NG on your Ubuntu or Debian-based Linux distribution. You now have a robust logging and event management system at your disposal, enhancing your system’s security and monitoring capabilities. Feel free to explore Syslog-NG further and customize it to suit your specific needs. If you encounter any issues or have questions, refer to the official documentation for assistance.