Hide Forgot
Description of problem: May I please request getting Logcheck compiled to run on CentOS 7? Thanks.
This is something I need as well. I imagine as CentOS 7 gets more and more usage, the requests for this will grow quite a bit.
It used to be that RedHat was proud of their server security. Not having a tool that can monitor logs effectively, casts doubts on that claim.
logcheck-1.3.15-2.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/logcheck-1.3.15-2.el7
Package logcheck-1.3.15-2.el7: * should fix your issue, * was pushed to the Fedora EPEL 7 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing logcheck-1.3.15-2.el7' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-0084/logcheck-1.3.15-2.el7 then log in and leave karma (feedback).
Perhaps needs to be "yum install" rather than "yum update". Then it fails - Requires: perl-mime-construct.
Is perl-mime-construct available anywhere?
lots of other deps missing. I'm working on that.
perl-IPC-Signal-1.00-13.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/perl-IPC-Signal-1.00-13.el7
perl-Proc-WaitStat-1.00-13.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/perl-Proc-WaitStat-1.00-13.el7
perl-mime-construct-1.11-13.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/perl-mime-construct-1.11-13.el7
liblockfile still misses a rebuild. I hope I can get this done today or tomorrow, depending on when I get the SCM request processed.
liblockfile-1.08-18.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/liblockfile-1.08-18.el7
Tried to install perl-mime-construct warning: user mockbuild does not exist - using root
Randy, not sure, what you did: yum --enablerepo=epel-testing install logcheck ... Resolving Dependencies --> Running transaction check ---> Package logcheck.noarch 0:1.3.15-2.el7 will be installed --> Processing Dependency: perl-mime-construct for package: logcheck-1.3.15-2.el7.noarch --> Processing Dependency: lockfile-progs for package: logcheck-1.3.15-2.el7.noarch --> Running transaction check ---> Package lockfile-progs.x86_64 0:0.1.15-7.el7 will be installed --> Processing Dependency: liblockfile.so.1()(64bit) for package: lockfile-progs-0.1.15-7.el7.x86_64 ---> Package perl-mime-construct.noarch 0:1.11-13.el7 will be installed --> Processing Dependency: perl(Proc::WaitStat) for package: perl-mime-construct-1.11-13.el7.noarch --> Running transaction check ---> Package liblockfile.x86_64 0:1.08-18.el7 will be installed ---> Package perl-Proc-WaitStat.noarch 0:1.00-13.el7 will be installed --> Processing Dependency: perl(IPC::Signal) for package: perl-Proc-WaitStat-1.00-13.el7.noarch --> Running transaction check ---> Package perl-IPC-Signal.noarch 0:1.00-13.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================= Package Arch Version Repository Size ============================================================================================ Installing: logcheck noarch 1.3.15-2.el7 epel-testing 121 k Installing for dependencies: liblockfile x86_64 1.08-18.el7 epel-testing 22 k lockfile-progs x86_64 0.1.15-7.el7 epel 20 k perl-IPC-Signal noarch 1.00-13.el7 epel-testing 10 k perl-Proc-WaitStat noarch 1.00-13.el7 epel-testing 11 k perl-mime-construct noarch 1.11-13.el7 epel-testing 23 k Transaction Summary ==================================================================================================================== Install 1 Package (+5 Dependent packages) Total download size: 206 k Installed size: 511 k Is this ok [y/d/N]: y Downloading packages: (1/6): perl-IPC-Signal-1.00-13.el7.noarch.rpm | 10 kB 00:00:00 (2/6): perl-Proc-WaitStat-1.00-13.el7.noarch.rpm | 11 kB 00:00:00 (3/6): lockfile-progs-0.1.15-7.el7.x86_64.rpm | 20 kB 00:00:00 (4/6): liblockfile-1.08-18.el7.x86_64.rpm | 22 kB 00:00:00 (5/6): perl-mime-construct-1.11-13.el7.noarch.rpm | 23 kB 00:00:00 (6/6): logcheck-1.3.15-2.el7.noarch.rpm | 121 kB 00:00:00 ------------------------------------------------------------------------------------------ Total 224 kB/s | 206 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : perl-IPC-Signal-1.00-13.el7.noarch 1/6 Installing : perl-Proc-WaitStat-1.00-13.el7.noarch 2/6 Installing : perl-mime-construct-1.11-13.el7.noarch 3/6 Installing : liblockfile-1.08-18.el7.x86_64 4/6 Installing : lockfile-progs-0.1.15-7.el7.x86_64 5/6 Installing : logcheck-1.3.15-2.el7.noarch 6/6 rhel-7-server-rpms/7Server/x86_64/productid | 1.7 kB 00:00:00 Verifying : logcheck-1.3.15-2.el7.noarch 1/6 Verifying : liblockfile-1.08-18.el7.x86_64 2/6 Verifying : perl-mime-construct-1.11-13.el7.noarch 3/6 Verifying : lockfile-progs-0.1.15-7.el7.x86_64 4/6 Verifying : perl-IPC-Signal-1.00-13.el7.noarch 5/6 Verifying : perl-Proc-WaitStat-1.00-13.el7.noarch 6/6 Installed: logcheck.noarch 0:1.3.15-2.el7 Dependency Installed: liblockfile.x86_64 0:1.08-18.el7 lockfile-progs.x86_64 0:0.1.15-7.el7 perl-IPC-Signal.noarch 0:1.00-13.el7 perl-Proc-WaitStat.noarch 0:1.00-13.el7 perl-mime-construct.noarch 0:1.11-13.el7 Complete!
I downloaded perl-mime-construct separately and installed it. Just tested with a fresh install of Centos 7 and your logcheck installed. Much happiness! I won't be able to play with it much for a few days, but many thanks.
Having a play, clean install of CentOS 7 minimal. I get this, and /tmp/logcheck.* doesn't exist. Warning: If you are seeing this message, your log files may not have been checked! Details: Could not run logtail or save output Check temporary directory: /tmp/logcheck.aVQL4j Also verify that the logcheck user can read all files referenced in /etc/logcheck/logcheck.logfiles! declare -x HOME="/var/lib/logcheck" declare -x LANG="en_AU.UTF-8" declare -x LOGNAME="logcheck" declare -x MAILTO="root" declare -x OLDPWD declare -x PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" declare -x PWD="/var/lib/logcheck" declare -x SHELL="/bin/sh" declare -x SHLVL="2" declare -x USER="logcheck" declare -x XDG_RUNTIME_DIR="/run/user/997" declare -x XDG_SESSION_ID="1"
Looks like it needs syslog-ng with a few edits.
(In reply to Randy Holmes from comment #17) > Looks like it needs syslog-ng with a few edits. not necessarily. You could use rsyslog as well. Take care, you modify logrotate rules to make sure, your logfiles to be checked are owned by group adm.
perl-Proc-WaitStat-1.00-13.el7 has been pushed to the Fedora EPEL 7 stable repository.
perl-IPC-Signal-1.00-13.el7 has been pushed to the Fedora EPEL 7 stable repository.
liblockfile-1.08-18.el7 has been pushed to the Fedora EPEL 7 stable repository.
perl-mime-construct-1.11-13.el7 has been pushed to the Fedora EPEL 7 stable repository.
logcheck-1.3.15-2.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.