Hi all!
I am running syslog-ng logging to a MySQL database with php-syslog-ng as the front end.
1) Now I have one problem. The devices which are sending logs don't have any hostnames associated with them, nor am I running any DNS server. As a result, the listing of hosts I am getting is in the form of the IP addresses of the hosts.
Is it possible to show a hostname against the IP addresses? Like x.x.x.x will be shown as ABC-ROUTER?
If I define ABC-Router as x.x.x.x in /etc/hosts, what configuration do I need to make in syslog-ng.conf?
2) I want to allow only specific hosts to send logs to the loghost. But when I tried to put the IPs of the hosts in the configuration, it gave me errors.
Starting system logger: io.c: bind_inet_socket() bind failed 61.x.x.x:514 Cannot assign requested address
I used the following configuration:
source net {
udp(ip(61.x.x.x) port(514) );
udp(ip(62.x.x.x) port(514) );
udp(ip(63.x.x.x) port(514) );
};
Do I have to allow this policy on the firewall, or does syslog-ng also support it? Because with only udp(); every device on the internet can start sending me logs and my server will be under attack.
Regards,
-Geni
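
Added example (not part of the original post, and not syslog-ng code): in a udp() source, ip() is the local address the daemon listens on, so giving it a sender's address makes bind() fail with "Cannot assign requested address". The sketch below reproduces that errno and shows sender allowlisting and naming done on the received datagram's source address instead; the addresses, the ALLOWED and NAMES tables and all function names are constructed for illustration.

```python
import errno
import ipaddress
import socket

# Constructed sample values (loopback and documentation ranges), not real devices.
ALLOWED = [ipaddress.ip_network("127.0.0.1/32"),
           ipaddress.ip_network("198.51.100.0/24")]
NAMES = {"127.0.0.1": "ABC-ROUTER"}  # plays the role of /etc/hosts entries

def bind_errno(ip, port=0):
    """Try to bind a UDP socket to ip; return 0 on success, else the errno."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.bind((ip, port))
        return 0
    except OSError as exc:
        return exc.errno
    finally:
        s.close()

def is_allowed(sender_ip):
    """True if the datagram's source address is inside an allowed network."""
    addr = ipaddress.ip_address(sender_ip)
    return any(addr in net for net in ALLOWED)

def label(sender_ip):
    """Map a source IP to a configured name, falling back to the IP itself."""
    return NAMES.get(sender_ip, sender_ip)

def receive_one(sock):
    """Read one datagram; return (host label, message) or None if not allowed."""
    data, (src, _port) = sock.recvfrom(8192)
    if not is_allowed(src):
        return None
    return label(src), data.decode("utf-8", "replace")

def demo():
    """Listen on a local address, send one constructed syslog line, receive it."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        listener.bind(("127.0.0.1", 0))  # local address, ephemeral port
        listener.settimeout(2)
        sender.sendto(b"<13>link up", listener.getsockname())
        return receive_one(listener)
    finally:
        sender.close()
        listener.close()

if __name__ == "__main__":
    print("bind to non-local address:", errno.errorcode.get(bind_errno("192.0.2.1")))
    print("received:", demo())
```

In syslog-ng itself the source keeps listening on a local address, and the sender restriction goes in a filter on the log path (for example netmask() or host()) or in the packet filter. A UDP source address can be forged, so either check only limits who can send by accident or without spoofing.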