Depending how how your syslog-ng file is set up and assuming that the syslog data received is only IP address, I would make sure your DNS is setup correctly. Make sure all hosts have both forward and reverse entries in your DNS servers. That's how my implemenation is working. As long as my host have a reverse entry in DNS, syslog-ng is logging by name. Chris On 10/4/06, Russell Fulton <r.fulton@auckland.ac.nz> wrote:
if the records received by syslog-ng contain the host name it will use this by default. The answer my lie in how you configure syslog on the hosts themselves. From memory syslog-ng uses the host name info in the packets by default.
Russell
Istvan Szukacs wrote:
Hi!
I would like to log several computer which are behind nat. The problem is i cannot find the right metod to log by the hostname not by the ip reverse name from where the packets come.
But i got this:
Oct 1 02:34:27 external ip/external ip
Is there a possibility to devide the logs by the original hostname?
thx _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html