[syslog-ng] Preserving the Source device attributes while forwarding messages

Balazs Scheidler bazsi@balabit.hu
Wed, 29 Dec 1999 22:54:05 +0100


On Wed, Dec 22, 1999 at 10:38:34AM -0800, Ofer_Aaronson@amat.com wrote:
> Hello ,
> 
> I'm a new member of this list and trying to forward messages by invoking a
> logger command :
> 
> The following is an example of a message received at the NMS system .
> 
> Source          Message
> temp00r1     %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
> 
> It would automatically invoke a logger command :
> 
> % logger -p local7.notice -t temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1,
> changed state to down
> 
> This command is run on hostname: Host-A
> 
> The syslog-ng.conf file on Host-A looks like :
> 
> options { long_hostname(off); };
> destination temp00r1{ udp("Host-B" port(514)); };
> filter temp00r1 { program("temp00r1"); };
> log ( source(local); filter(temp00r1); destination(temp00r1); };
> 
> The above 'logger' command is received at "Host-B" host the follows :
> 
> Date           IP            Host     Facility  Priority Message
> Time           Address       Name
>                Source        Source
> ------------------------------------------------------------------------------------------------------------------------
> 12/22/99 2:19  Host-A's IP   Host-A   LOCAL7    NOTICE   Dec 22 2:18:37 Host-A
> temp00r1: %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
> 
> The desired received message would be :
> 
> 12/22/99 2:19  temp00r1's IP  temp00r1  LOCAL7    NOTICE        Dec 22 2:18:37
> temp00r1 %LINK-3-UPDOWN: Interface BRI1/3:1, changed state to down
> 
> 

Syslog-ng simply replaces the received hostname with the name of the host,
it received the message from. If you want to know the originating host, turn
on chain_hostnames() (long_hostnames() in earlier versions).

I may add an option to syslog-ng to prevent overriding source hostname if
chain_hostnames() is off.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt