<div>Well if set use_dns(off) then it stops reading /etc/hosts file and start storing hosts as IP addresses. </div>
<div> </div>
<div>I am using Mandrake 10.1 Official......</div>
<div> </div>
<div>In nsswitch.conf i have tried by giving DNS, file and file,dns both combination.. but it doesn't make any difference... its still neither picking private Ips from /etc/hosts nor from local cache dns server.</div>
<div> </div>
<div> </div>
<div><br><br> </div>
<div><span class="gmail_quote">On 7/14/05, <b class="gmail_sendername">Edward Brookhouse</b> <<a href="mailto:ebroo@healthydirections.com">ebroo@healthydirections.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">What happens if you set use_dns (off); does your hosts file get read then? What OS is this? How is the system nsswitch.conf
setup for resolution?</span></font></p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">Also maybe double check your resolv.conf what is the domain listing and search order listed in there?</span></font>
</p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"> </span></font></p>
<div>
<div style="TEXT-ALIGN: center" align="center"><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">
<hr align="center" width="100%" size="2">
</span></font></div>
<p><b><font face="Tahoma" size="2"><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Tahoma">From:</span></font></b><font face="Tahoma" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Tahoma"> <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank">
syslog-ng-bounces@lists.balabit.hu</a> [mailto:<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>] <b><span style="FONT-WEIGHT: bold">
On Behalf Of </span></b>mrgenius<br><b><span style="FONT-WEIGHT: bold">Sent:</span></b> Thursday, July 14, 2005 12:53 AM<br><b><span style="FONT-WEIGHT: bold">To:</span></b> Ken Garland<br><b><span style="FONT-WEIGHT: bold">
Cc:</span></b> Syslog-ng users' and developers' mailing list<br><b><span style="FONT-WEIGHT: bold">Subject:</span></b> Re: [syslog-ng] Problem with hostnames!</span></font></p></div>
<div><span class="q" id="q_105150ebd3b390b2_1">
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">Yes here is the portion of my syslog-ng.cong</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">#####################################</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">options { sync (0);<br> time_reopen (10);<br> log_fifo_size (1000);<br> long_hostnames (yes);<br> use_dns (yes);<br>
use_fqdn (yes);<br> create_dirs (no);<br> keep_hostname (no); <br> };</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">source sys { unix-stream ("/dev/log"); internal(); };<br>source net { <br> udp(ip(<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://0.0.0.0/" target="_blank">
<u>0.0.0.0</u></a>) port(514) );<br> };</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"><br>destination d_mysql {<br> pipe("/tmp/mysql.pipe"<br> template("INSERT INTO logs<br> (host, facility, priority, level, tag, datetime, program, msg)
<br> VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', <br> '$PROGRAM', '$MSG' );\n") template-escape(yes));<br>};<br>log { source(net); destination(d_mysql);
</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">##############################################</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">But if you say that syslog-ng first queries DNS Server ... then why it is resolving names for all public Ips which i defined in /etc/hosts and those public Ips have no entries in my defined DNS Servers.
</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">i am quite confused how this thing is actually working??</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">Regards,</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">-Geni</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"><br><br> </span></font></p></div>
<div>
<p><span><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">On 7/14/05, <b><span style="FONT-WEIGHT: bold">Ken Garland</span></b> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:ken.garland@rotech.com" target="_blank">
<u>ken.garland@rotech.com</u></a>> wrote:</span></font></span> </p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">paste the relevant parts of your .conf file.<br><br>mrgenius wrote:<br><br>><br>> Hi All!<br>><br>> I am using Syslog-ng with php-syslog-ng. to give names of my choices
<br>> to different hosts IP what i did was to define hostnames against each<br>> IP of host in /etc/hosts file.<br>><br>> It was working fine with Public IP adresses.. But I have some hosts on <br>> local network too with
192.168 IPs . The pRoblem i am now facing is<br>> that its not storing logs with HOSTNAMES of private IPs. Where as its<br>> working fine and giving names of Public IPs.<br>><br>> For example In My /etc/hosts file i have these 2 entries
<br>><br>> <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://202.164.1.1/" target="_blank"><u>202.164.1.1</u></a> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://202.164.1.1/" target="_blank">
<u>http://202.164.1.1</u></a>> broadband-router<br>> <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://192.168.77.1/" target="_blank"><u>192.168.77.1</u></a> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://192.168.77.1/" target="_blank">
<u> http://192.168.77.1</u></a>> primary-router<br>><br>> For 1st entry Logs in database will come with name broadband-router,<br>> which is what i want<br>> For 2nd Entry Logs in database will come with name
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://192.168.77.1/" target="_blank"><u>192.168.77.1</u></a><br>> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://192.168.77.1/" target="_blank">
<u>http://192.168.77.1</u></a>>, which is what i Don't want<br>><br>><br>> Any body has any idea?? any thing to do in configuration of syslog-ng?? <br>><br>> Regards,<br>><br>> -Geni<br>><br>>------------------------------------------------------------------------
<br>><br>>_______________________________________________<br>>syslog-ng maillist - <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:syslog-ng@lists.balabit.hu" target="_blank"><u>syslog-ng@lists.balabit.hu
</u></a><br>><a onclick="return top.js.OpenExtLink(window,event,this)" href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" target="_blank"><u>https://lists.balabit.hu/mailman/listinfo/syslog-ng</u></a><br>>Frequently asked questions at
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.campin.net/syslog-ng/faq.html" target="_blank"><u>http://www.campin.net/syslog-ng/faq.html</u></a><br>><br>><br>></span></font></p></div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></span></div></div></blockquote></div><br>