[syslog-ng] Problem with hostnames!
mrgenius
mrgenius420 at gmail.com
Thu Jul 14 06:52:59 CEST 2005
Yes here is the portion of my syslog-ng.cong
#####################################
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (yes);
use_dns (yes);
use_fqdn (yes);
create_dirs (no);
keep_hostname (no);
};
source sys { unix-stream ("/dev/log"); internal(); };
source net {
udp(ip(0.0.0.0 <http://0.0.0.0>) port(514) );
};
destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO logs
(host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG',
'$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC',
'$PROGRAM', '$MSG' );\n") template-escape(yes));
};
log { source(net); destination(d_mysql);
##############################################
But if you say that syslog-ng first queries DNS Server ... then why it is
resolving names for all public Ips which i defined in /etc/hosts and those
public Ips have no entries in my defined DNS Servers.
i am quite confused how this thing is actually working??
Regards,
-Geni
On 7/14/05, Ken Garland <ken.garland at rotech.com> wrote:
>
> paste the relevant parts of your .conf file.
>
> mrgenius wrote:
>
> >
> > Hi All!
> >
> > I am using Syslog-ng with php-syslog-ng. to give names of my choices
> > to different hosts IP what i did was to define hostnames against each
> > IP of host in /etc/hosts file.
> >
> > It was working fine with Public IP adresses.. But I have some hosts on
> > local network too with 192.168 IPs . The pRoblem i am now facing is
> > that its not storing logs with HOSTNAMES of private IPs. Where as its
> > working fine and giving names of Public IPs.
> >
> > For example In My /etc/hosts file i have these 2 entries
> >
> > 202.164.1.1 <http://202.164.1.1> <http://202.164.1.1> broadband-router
> > 192.168.77.1 <http://192.168.77.1> <http://192.168.77.1> primary-router
> >
> > For 1st entry Logs in database will come with name broadband-router,
> > which is what i want
> > For 2nd Entry Logs in database will come with name 192.168.77.1<http://192.168.77.1>
> > <http://192.168.77.1>, which is what i Don't want
> >
> >
> > Any body has any idea?? any thing to do in configuration of syslog-ng??
> >
> > Regards,
> >
> > -Geni
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >syslog-ng maillist - syslog-ng at lists.balabit.hu
> >https://lists.balabit.hu/mailman/listinfo/syslog-ng
> >Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20050714/1b4328ee/attachment.htm
More information about the syslog-ng
mailing list