[syslog-ng]centralized loghost

Guillaume LACHENAL glachenal@on-x.com
Fri, 25 Oct 2002 08:54:55 +0200 

I've just set use_dns(yes) and restart syslog-ng.
the same thing appear :
logs go to /var/log/IP_of_$HOST/

resolver is correctly configured :
host IP_of_$HOST return FQDN of $HOST

As syslog-ng run chrooted, I've copied /etc/resolv.conf & /etc/hosts
into the jail.
It does not fix the issue

thanks for help in advance.






"Guillaume LACHENAL" <glachenal@on-x.com>
Sent by: syslog-ng-admin@lists.balabit.hu
10/24/02 22:33
Please respond to syslog-ng

 
        To:     syslog-ng@lists.balabit.hu
        cc: 
        Subject:        RE: [syslog-ng]centralized loghost


 OK.
I'll modify it tomorrow when back at work.
Is there a way hostname resolution rely on /etc/hosts ?
I'll prefer this setting. Just in case the DNS suffer a DoS
 
thanks a lot
regards,
 
Guillaume

"Hamilton, Andrew" <Andrew.Hamilton@afccc.af.mil>
Sent by: syslog-ng-admin@lists.balabit.hu
10/24/2002 11:52 AM AST
Please respond to syslog-ng

To: syslog-ng@lists.balabit.hu
cc: 
bcc: 
Subject: RE: [syslog-ng]centralized loghost


You have use_dns(no).  Therefore the value of $HOST is the IP address.  If
you want the hostname instead then you need to turn on the use_dns option.

Regards,
Drew

-----Original Message-----
From: Guillaume LACHENAL [mailto:glachenal@on-x.com]
Sent: Thursday, October 24, 2002 11:19 AM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]centralized loghost


I've just install syslog-ng 1.5.21 for centralizing all servers log's

Here is the conf file :

- - syslog-ng.conf - -

options { use_dns(no); sync(0); };

source s_internal { internal(); };
source net { udp( ip(192.168.12.2) port(514) ); };

destination hosts { file( "/var/log/$HOST/$YEAR/$MONTH/$DAY/$FACILITY"\
create_dirs(yes) owner("root") group("root")\
perm(0600) dir_perm(0700) ); };

log { source(s_internal); source(net); destination(hosts); };

- -

the problem is that logs go to

/var/log/IP_of_$HOST/ ...

Thanks for help

G.


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html