[syslog-ng] ng to ng then to syslog
Balazs Scheidler
bazsi at balabit.hu
Tue Aug 2 18:59:14 CEST 2005
On Tue, 2005-08-02 at 09:26 -0400, Gerardo Amaya wrote:
> Balazs Scheidler wrote:
>
> >On Tue, 2005-08-02 at 00:37 +0200, Frans Stekelenburg wrote:
> >
> >
> >>I agree with the previous poster, why indeed use another (lesser) syslog
> >>;-)
> >>But if you insist:
> >>
> >>Try with the 'spoof_source(yes)' as option in your tcp(... <options>).
> >>I also learned that localip() can be used to force a certain local ip,
> >>but I don't think that applies to your setup.
> >>
> >>
> >
> >spoof_source only works with udp()
> >
> >
> >
> The manual says tcp() and udp(), can you please confirm on that so I can
> plan my installation enviroment.
Here is the documentation that I see:
<entry>spoof_source</entry>
<entry>yes or no</entry>
<entry>
Enables source address spoofing. This means that the host
running syslog-ng generates UDP packets with the source IP
address matching the original sender of the message. It is
useful when you want to perform some kind of preprocessing
via syslog-ng then forward messages to your central log
management solution with the source address of the
original sender. This option only works for UDP destinations
though the original message can be received by TCP as well.
This option is only available if syslog-ng was compiled using
the --enable-spoof-source configure option.
</entry>
--
Bazsi
More information about the syslog-ng
mailing list