Hello,
I have the following a syslog-ng server and a syslog-ng client, which configurations I am sending in attachment.
I am using the syslog driver in order to have full compatibility with RFC5424.
I want to use the IP address and not the hostname, but I keep seeing the hostname in tcpdump:
[root@tests tests]# tcpdump -A -i virbr0 port 60514 or 514
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on virbr0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:30:09.810757 IP 192.168.122.11.34512 > tests.syslog: SYSLOG local0.info, length: 100
E.....@.@..K..z...z......l..<134>1 2020-02-26T18:30:09+00:00 localhost root 9519 - - This is a local0 info buffer filler string
and in logfile:
<134>1 2020-02-26T18:30:09+00:00 localhost root 9519 - - This is a local0 info buffer filler string
Can you help me?
Thanks in advance,
Alex