Amazon Linux AMI: Updating rsyslog

RSYSLOG is "the rocket-fast" system for log processing and is widely used across Linux distributions, Amazon Linux among them. Unfortunately, at the time of writing, Amazon Linux ships with version 5.x.

The version in question lacks some highly requested functionality and, on top of that, has some known vulnerabilities (CVE History Charts for rsyslog).

Instructions for Amazon Linux 2017.03

Preparation

Repository

Add the Adiscon rsyslog repository to your system (/etc/yum.repos.d/rsyslog.repo):

[v8-stable]
name=Adiscon CentOS-6 - local packages for $basearch
baseurl=http://rpms.adiscon.com/v8-stable/epel-6/$basearch
enabled=1
# gpgcheck=0: package signatures are not verified, so the gpgkey below is not used
gpgcheck=0
gpgkey=http://rpms.adiscon.com/RPM-GPG-KEY-Adiscon
protect=1

Durable (central) storage / RPMs (private secure subnets)

Alternatively, download the necessary RPMs from http://rpms.adiscon.com/v8-stable/epel-6/x86_64/RPMS/ (no link due to non-https!). Add them to your durable storage, e.g. an S3 deploy bucket, and download them during bootstrapping (private subnets).

Installation

Install rsyslog from the repository

$ sudo yum install rsyslog --disablerepo=amzn-main

Or update it

$ sudo yum upgrade rsyslog --disablerepo=amzn-main

Or install/update it via the manually downloaded packages/RPMs

$ sudo rpm -Uvh *.rpm
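
When the RPMs are staged in a bucket and pulled during bootstrapping, it helps to confirm that what gets installed is exactly what was staged. The following is an added example, not part of the original post: the function names, the SHA256SUMS manifest name and the /tmp/rsyslog-rpms path are assumptions, and the manifest is meant to be written on a trusted host right after the download.

```sh
#!/bin/sh
# Added example: verify staged RPMs against a SHA-256 manifest before install.
# Manifest name (SHA256SUMS) and paths are assumptions, not from the post.

# make_manifest DIR
# Run once on a trusted host after downloading the RPMs; upload the
# resulting DIR/SHA256SUMS to the deploy bucket next to the packages.
make_manifest() {
    ( cd "$1" && sha256sum -- *.rpm > SHA256SUMS )
}

# verify_staged_rpms DIR
# Returns 0 only if every file listed in DIR/SHA256SUMS is present with a
# matching hash AND every *.rpm in DIR is listed in the manifest.
verify_staged_rpms() {
    vs_dir=$1
    [ -s "$vs_dir/SHA256SUMS" ] || { echo "missing manifest" >&2; return 1; }

    # Hash check: fails on a modified, truncated or missing package.
    ( cd "$vs_dir" && sha256sum -c --quiet SHA256SUMS ) >&2 || return 1

    # Reject packages that appeared after the manifest was written;
    # 'rpm -Uvh *.rpm' would otherwise install them as well.
    for vs_f in "$vs_dir"/*.rpm; do
        [ -e "$vs_f" ] || continue
        awk -v n="${vs_f##*/}" '$2 == n { found = 1 } END { exit !found }' \
            "$vs_dir/SHA256SUMS" || {
            echo "unlisted package: ${vs_f##*/}" >&2
            return 1
        }
    done
    return 0
}

# Bootstrap usage (hypothetical path):
#   verify_staged_rpms /tmp/rsyslog-rpms && sudo rpm -Uvh /tmp/rsyslog-rpms/*.rpm
```

The manifest only proves the packages are unchanged since staging, so the download over plain http is still the point at which they need to be checked.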

Notes

For more details regarding the vulnerabilities, check here. For a list of all Amazon Linux security updates: https://alas.aws.amazon.com/

Author: Angelique Dawnbringer Published: 2015-02-11 09:06:26 Keywords:
  • Amazon Linux AMI
  • rsyslog
  • update
  • yum
Modified: 2017-09-10 17:50:41