[syslog-ng]directory creation problem

Sylvain Hubert syslog-ng@lists.balabit.hu
Fri, 05 Dec 2003 09:23:01 -0500


Hi,

I am running syslog-ng 1.6r3 on a redhat linux 7.3. The central log 
server is receiving logs from solaris 2.8, aix 4/5 and windows 2k 
(using nt-syslog). Syslog-ng creates directories based on the $HOST 
variable, i.e., /var/syslog-ng/$HOST/.../logfiles.

For some reason, the directories created is not always the $HOST, i.e, 
not an ip or a valid hostname (I am using the check_hostname option) 
but some left over of some syslog or nt-syslog messages. Here is an 
example of the content of the /var/syslog-ng/ directory:

10.10.10.1
10.10.10.2
10.10.10.3
adam (valid hostname)
alex (valid hostname)
ntds (not valid)
service (not valid)
windows (not valid)

I am trying to figure out why these directories (the non valid ones) 
are created and how to prevent them. Right now, this seem to happen for 
nt-syslog and also for solaris 2.8. Any suggestions or help would be 
greatly appreciated. 

Thanks,

Sylvain Hubert