[syslog-ng](no subject)

Marco P. Rodrigues syslog-ng@lists.balabit.hu
Thu, 8 May 2003 14:52:02 -0400 (EDT)

Couldn't seem to find an answer to this in the documentation.

Is it possible to the have the use_dns(yes) option enabled but match
hosts based on their IP address? I want to be able to write files as
their FQDN but fo the REGEX matching based on the IP address. I can
get this to work when I disable the use_dns(yes) option but then the
files are the IP. I don't want to match based on hostnames.


destination net_host_all       { file("/tmp/$HOST"); };
filter f_hosts_all             {
                                       host("^10\.201\.140\.*") or
                                       host("^10\.201\.150\.*") or
log { source(net); filter(f_hosts_all); destination(net_host_all);
flags(final); };

While I'm hear might as well kill two birds with one stone. Can
someone give ma a real life example of the practical use of using the
fallback option? I must be inept because I can't see a valid reason to
have it that the final/catchall statement couldn't do (with proper
logical placements of the log statements in the configuration).


"I am kind of a paranoiac in reverse. I suspect people of
plotting to make me happy." - J.D. Salinger