AW: [syslog-ng]syslog-ng blanks in Servicename
Unger, Christian
syslog-ng@lists.balabit.hu
Wed, 7 May 2003 12:25:28 +0200
>On Wed, Apr 30, 2003 at 12:22:34PM +0200, Unger, Christian wrote:
>> Hi,
>>=20
>> i log many informations via NT-Syslog to syslog-ng. Windows 2000 have =
some services with a blank in the Servicename. ex: NTDS ISAM
>>=20
>> the log entry from syslog-ng seams as following:
>> Apr 15 15:42:33 ntds isam[info] 700 NTDS (268) Online =
defragmentation is beginning a full pass on database =
'C:\WINNT\NTDS\ntds.dit'.
>>=20
>> NTDS ist NOT my hostname, thats the problem!
>>=20
>> I think thats the problem is in RFC. But i don't read it. ( no time =
:[ )
>>=20
>> is there a easy escape? or will the next version of syslog-ng have a =
escape?
>
>try check_hostname(yes)
>
----
check_hostnames(yes) doesn't help.
I checked some information's with tcpdump. An I found a very interest =
handling. Syslog-ng is able to handle hostnames in syslog datagram, the =
delimiter between hostname and service name seams to be a space. So if I =
have spaces in service name syslog-ng thinks that the first word must be =
the hostname, but that's wrong. What can I do know?