I've just set use_dns(yes) and restart syslog-ng. the same thing appear : logs go to /var/log/IP_of_$HOST/ resolver is correctly configured : host IP_of_$HOST return FQDN of $HOST As syslog-ng run chrooted, I've copied /etc/resolv.conf & /etc/hosts into the jail. It does not fix the issue thanks for help in advance. "Guillaume LACHENAL" <glachenal@on-x.com> Sent by: syslog-ng-admin@lists.balabit.hu 10/24/02 22:33 Please respond to syslog-ng To: syslog-ng@lists.balabit.hu cc: Subject: RE: [syslog-ng]centralized loghost OK. I'll modify it tomorrow when back at work. Is there a way hostname resolution rely on /etc/hosts ? I'll prefer this setting. Just in case the DNS suffer a DoS thanks a lot regards, Guillaume "Hamilton, Andrew" <Andrew.Hamilton@afccc.af.mil> Sent by: syslog-ng-admin@lists.balabit.hu 10/24/2002 11:52 AM AST Please respond to syslog-ng To: syslog-ng@lists.balabit.hu cc: bcc: Subject: RE: [syslog-ng]centralized loghost You have use_dns(no). Therefore the value of $HOST is the IP address. If you want the hostname instead then you need to turn on the use_dns option. Regards, Drew -----Original Message----- From: Guillaume LACHENAL [mailto:glachenal@on-x.com] Sent: Thursday, October 24, 2002 11:19 AM To: syslog-ng@lists.balabit.hu Subject: [syslog-ng]centralized loghost I've just install syslog-ng 1.5.21 for centralizing all servers log's Here is the conf file : - - syslog-ng.conf - - options { use_dns(no); sync(0); }; source s_internal { internal(); }; source net { udp( ip(192.168.12.2) port(514) ); }; destination hosts { file( "/var/log/$HOST/$YEAR/$MONTH/$DAY/$FACILITY"\ create_dirs(yes) owner("root") group("root")\ perm(0600) dir_perm(0700) ); }; log { source(s_internal); source(net); destination(hosts); }; - - the problem is that logs go to /var/log/IP_of_$HOST/ ... Thanks for help G. _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html