[syslog-ng]syslog entries without hostnames

[Balazs Scheidler]

> I watched with interest the small discussion that I started on the mailing
> list, but it never really reached a good conclusion.  I would really
> appreciate it if you could clarify a couple things....
> 
> When a syslog message arrives via UDP, can't you just record the IP address
> of the host that sent it?  Or is this somehow the job of the device that is
> sending logs, to send it's hostname along?  I am still trying to figure out
> why when our Riverstone routers send logs, there is no device name or IP
> address recorded.  Our NOC engineers can't tell what device sent the
> message...

there are the following options to control hostname generation.

keep_hostname()
chain_hostname()

keep_hostname tells syslog-ng not to modify received hostname field. if
keep_hostname is off, it always overwrites received hostname, if
chain_hostnames() if on, it appends the hostname the message was received
from to the hostname, otherwise it replaces the received value.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1