1 Oct
2005
1 Oct
'05
6:03 a.m.
On Fri, 30 Sep 2005 15:33:27 EDT, Ketan Vankawala said:
I have currently installed Syslog-ng ver 1.6.8. Here is a snippet of my syslog-ng config file.So accordingly when a syslog message comes in, depending on the ip address, it does a lookup in /etc/hosts, creates an appropriate host name folder and forwards the message there. If the hostname does not exists, it creates a folder named with the ip address.
Updating /etc/hosts *should* provide fast response. I'm wondering if your /etc/nsswitch.conf specifies 'hosts: NIS files dns', and the NIS query functions are being too clever about caching..