[syslog-ng]BUG: Number in Hostnames?

Balazs Scheidler bazsi@balabit.hu
Mon, 17 Jun 2002 19:02:32 +0200

On Mon, Jun 17, 2002 at 12:05:07PM -0400, Jonathan wrote:
> Hi,
> I've been toying a bit with syslog-ng, I'm quite happy so far with all the
> possibilities it offer me. But I got a problem getting it to work in my
> environment.
> I want to log normal syslogd machines to a LogHost which would run
> syslog-ng. I've installed syslog-ng 1.5.18 on my LogHost and ran a few
> tests.
> With this config:
> options { sync (0);
>           time_reopen (10);
>           log_fifo_size (1000);
>           long_hostnames (no);
>           chain_hostnames (no);
>           use_dns (no);
>           use_fqdn (no);
>           create_dirs (no);
>           keep_hostname (yes);
>         };
> source s_sys { unix-stream ("/dev/log"); internal();
>         udp (ip( port (514)); };
> destination mail1 { file("/var/log/mail1"); };
> filter filter_mail1 { host("mail1");};
> log { source(s_sys); filter(filter_mail1); destination(mail1); };
> As you can see, I want to log a host named "mail1" to a file "mail1".
> However, it doesn't work. The host send its log entries syslog-ng but
> doesn't recognize "mail1".
> But, if I change the host("mail1") to host("mail"), it work perfectly. The
> hostname in the /var/log/mail1 file is "mail" tho, not "mail1".
> I ran syslogd into debug mode on my "mail1" machine. I saw it does send the
> logs out with the "mail1" tag.
> I tried this with another of my host, its name is nexus1, I experienced the
> same behavior.
> So, I'm wondering if syslog-ng doesn't like having a number at the end of
> the hostname.
> The hosts running syslogd are RedHat 7.2 and 7.1.
> Any ideas? :) I'd like to get this working, all my hostnames got numbers....

hmm.. I don't care if hostnames contain numbers or not. Does reverse DNS of
those hosts contain the correct name (with the number ?)

You could sniff your network interface to see if the hostname is really
present. (sometimes it is missing, and is added by syslog-ng based on the
DNS name of the host)

PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1