What happens if you set use_dns (off); does your hosts file get read then? What OS is this? How is the system nsswitch.conf setup for resolution? Also maybe double check your resolv.conf what is the domain listing and search order listed in there? _____ From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of mrgenius Sent: Thursday, July 14, 2005 12:53 AM To: Ken Garland Cc: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] Problem with hostnames! Yes here is the portion of my syslog-ng.cong ##################################### options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (yes); use_dns (yes); use_fqdn (yes); create_dirs (no); keep_hostname (no); }; source sys { unix-stream ("/dev/log"); internal(); }; source net { udp(ip(0.0.0.0) port(514) ); }; destination d_mysql { pipe("/tmp/mysql.pipe" template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n") template-escape(yes)); }; log { source(net); destination(d_mysql); ############################################## But if you say that syslog-ng first queries DNS Server ... then why it is resolving names for all public Ips which i defined in /etc/hosts and those public Ips have no entries in my defined DNS Servers. i am quite confused how this thing is actually working?? Regards, -Geni On 7/14/05, Ken Garland <ken.garland@rotech.com> wrote: paste the relevant parts of your .conf file. mrgenius wrote:
Hi All!
I am using Syslog-ng with php-syslog-ng. to give names of my choices to different hosts IP what i did was to define hostnames against each IP of host in /etc/hosts file.
It was working fine with Public IP adresses.. But I have some hosts on
local network too with 192.168 IPs . The pRoblem i am now facing is that its not storing logs with HOSTNAMES of private IPs. Where as its working fine and giving names of Public IPs.
For example In My /etc/hosts file i have these 2 entries
202.164.1.1 <http://202.164.1.1> broadband-router 192.168.77.1 < http://192.168.77.1 <http://192.168.77.1> > primary-router
For 1st entry Logs in database will come with name broadband-router, which is what i want For 2nd Entry Logs in database will come with name 192.168.77.1 <http://192.168.77.1>, which is what i Don't want
Any body has any idea?? any thing to do in configuration of syslog-ng??
Regards,
-Geni
-----------------------------------------------------------------------
-
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html