Depending how how your syslog-ng file is set up and assuming that the syslog data received is only IP address, I would make sure your DNS is setup correctly.  Make sure all hosts have both forward and reverse entries in your DNS servers.  That's how my implemenation is working.  As long as my host have a reverse entry in DNS, syslog-ng is logging by name.

Chris


On 10/4/06, Russell Fulton <r.fulton@auckland.ac.nz> wrote:
if the records received by syslog-ng contain the host name it will use
this by default.  The answer my lie in how you configure syslog on the
hosts themselves.  From memory syslog-ng uses the host name info in the
packets by default.

Russell

Istvan Szukacs wrote:
> Hi!
>
> I would like to log several computer which are behind nat. The problem
> is i cannot find the right metod to log by the hostname not by the ip
> reverse name from where the packets come.
>
> But i got this:
>
> Oct  1 02:34:27 external ip/external ip
>
> Is there a possibility to devide the logs by the original hostname?
>
>
> thx
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html