[syslog-ng]Match host with IP address when using use_dns?
Marco P. Rodrigues
syslog-ng@lists.balabit.hu
Thu, 8 May 2003 14:54:21 -0400 (EDT)
Couldn't seem to find an answer to this in the documentation.
Is it possible to the have the use_dns(yes) option enabled but match
hosts based on their IP address? I want to be able to write files as
their FQDN but fo the REGEX matching based on the IP address. I can
get this to work when I disable the use_dns(yes) option but then the
files are the IP. I don't want to match based on hostnames.
example:
destination net_host_all { file("/tmp/$HOST"); };
filter f_hosts_all {
host("^10\.201\.140\.*") or
host("^10\.201\.150\.*") or
host("^192\.168\.0\.[0-3][0-9]");
};
log { source(net); filter(f_hosts_all); destination(net_host_all);
flags(final); };
While I'm hear might as well kill two birds with one stone. Can
someone give ma a real life example of the practical use of using the
fallback option? I must be inept because I can't see a valid reason to
have it that the final/catchall statement couldn't do (with proper
logical placements of the log statements in the configuration).
MPR.
--
"I am kind of a paranoiac in reverse. I suspect people of
plotting to make me happy." - J.D. Salinger