OpenBSD on SPARC64 - Syslog-ng hostname issues
I was wondering if someone knows if the Syslog-ng issue with reading remote host hostname/IP addresses on SPARC64 has been resolved? https://lists.balabit.hu/pipermail/syslog-ng/2004-July/006320.html https://lists.balabit.hu/pipermail/syslog-ng/2004-August/006395.html Or Am I missing something in my config? - I tried every option with the hostname as suggested in http://www.campin.net/syslog-ng/faq.html#hostname Config is simple until I figure out this remote hostname/IP issue. - Please check comments in config.. And the Sample log file below... Any help would be great appricated. Thanks, Eric #---------------------------------------------------------------------- # General options #---------------------------------------------------------------------- options { chain_hostnames(no); create_dirs (no); dir_perm(0755); keep_hostname(yes); log_fifo_size(1024); long_hostnames(off); perm(0644); sync(1); time_reopen (10); use_dns(yes); use_fqdn(no); }; #---------------------------------------------------------------------- # Log sources #---------------------------------------------------------------------- source network { udp(); internal(); }; # source local { unix-stream("/dev/log"); internal(); }; #---------------------------------------------------------------------- # Log Destinations #---------------------------------------------------------------------- destination net { file("/var/syslog-ng/hosts/imd.log" ); }; #---------------------------------------------------------------------- # host-based filters - This is the only way I can get logs - filter for localhost # I can not get logs filtering for remote host - IP or hostname. #---------------------------------------------------------------------- filter net { host("obsd"); }; #---------------------------------------------------------------------- # put it all together #---------------------------------------------------------------------- log { source(network); filter(net); destination(net); }; Sample Log Message -from tail of log file - Mar 24 08:46:47 obsd Mar 24 2005 08:46:47 hcpix Localhost ----------^ Remotehost -------------------------------------------^
On Thu, 2005-03-24 at 14:09 +0000, list.mail@comcast.net wrote:
I was wondering if someone knows if the Syslog-ng issue with reading remote host hostname/IP addresses on SPARC64 has been resolved?
https://lists.balabit.hu/pipermail/syslog-ng/2004-July/006320.html https://lists.balabit.hu/pipermail/syslog-ng/2004-August/006395.html
Or Am I missing something in my config? - I tried every option with the hostname as suggested in http://www.campin.net/syslog-ng/faq.html#hostname
For some reason the address returned by recvmsg() for AF_UNIX sockets seem to be bogus, so it indeed seems to be a kernel related problem. A possible workaround is to comment out the offending log message at io.c:1049 which would solve your problem. -- Bazsi
participants (2)
-
Balazs Scheidler
-
list.mail@comcast.net