Preserving the Source device attributes while forwarding messages
Hello , I'm a new member of this list and trying to forward messages by invoking a logger command : The following is an example of a message received at the NMS system . Source Message temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down It would automatically invoke a logger command : % logger -p local7.notice -t temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down This command is run on hostname: Host-A The syslog-ng.conf file on Host-A looks like : options { long_hostname(off); }; destination temp00r1{ udp("Host-B" port(514)); }; filter temp00r1 { program("temp00r1"); }; log ( source(local); filter(temp00r1); destination(temp00r1); }; The above 'logger' command is received at "Host-B" host the follows : Date IP Host Facility Priority Message Time Address Name Source Source ------------------------------------------------------------------------------------------------------------------------ 12/22/99 2:19 Host-A's IP Host-A LOCAL7 NOTICE Dec 22 2:18:37 Host-A temp00r1: %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down The desired received message would be : 12/22/99 2:19 temp00r1's IP temp00r1 LOCAL7 NOTICE Dec 22 2:18:37 temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down Is there anyway to make syslog-ng initiate the Trap as like it is the original device . Any idea / help would be highly appreciated . Thanks , Ofer Aaronson --------------- Network Management Architecture Manager Global Network Services Applied Materials Inc. mailto://Ofer_Aaronson@amat.com/
On Wed, Dec 22, 1999 at 10:38:34AM -0800, Ofer_Aaronson@amat.com wrote:
Hello ,
I'm a new member of this list and trying to forward messages by invoking a logger command :
The following is an example of a message received at the NMS system .
Source Message temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
It would automatically invoke a logger command :
% logger -p local7.notice -t temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
This command is run on hostname: Host-A
The syslog-ng.conf file on Host-A looks like :
options { long_hostname(off); }; destination temp00r1{ udp("Host-B" port(514)); }; filter temp00r1 { program("temp00r1"); }; log ( source(local); filter(temp00r1); destination(temp00r1); };
The above 'logger' command is received at "Host-B" host the follows :
Date IP Host Facility Priority Message Time Address Name Source Source ------------------------------------------------------------------------------------------------------------------------ 12/22/99 2:19 Host-A's IP Host-A LOCAL7 NOTICE Dec 22 2:18:37 Host-A temp00r1: %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
The desired received message would be :
12/22/99 2:19 temp00r1's IP temp00r1 LOCAL7 NOTICE Dec 22 2:18:37 temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
Syslog-ng simply replaces the received hostname with the name of the host, it received the message from. If you want to know the originating host, turn on chain_hostnames() (long_hostnames() in earlier versions). I may add an option to syslog-ng to prevent overriding source hostname if chain_hostnames() is off. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt
participants (2)
-
Balazs Scheidler
-
Ofer_Aaronson@amat.com