[syslog-ng] host$
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Wed May 25 19:12:09 CEST 2005
On Wed, 25 May 2005 15:26:59 -0000, Speedy Sweedy said:
> I am new to this list and new to syslog-ng so please forgive me if this
> question has been asked before. I looked through the archive but didn't
> come across anything that helped me.
>
> I have syslog-ng working on my FC3 box with SELinux set at its highest
> setting(wow that was fun!) but it logs the IP address of the remote host
> instead of the hostname. I can't seem to get it to log anything different
> than the IP address of the box sending the log. Here is my options in
> syslog-ng.conf:
>
> options {
> sync (0);
> time_reopen (10);
> log_fifo_size (1000);
> long_hostnames (off);
> use_dns (no);
> use_fqdn (no);
> create_dirs (yes);
> keep_hostname (yes);
> };
>
> what am I doing wrong?
Most likely, you have a borked syslog-ng.te that doesn't allow the syslog-ng
process to read /etc/nsswitch.conf or similar, breaking DNS lookups.
Grep through your logs and find any avc entries that reference syslog-ng.
(And BTW - FC4 is about to escape, I'd *strongly* recommend upgrading to it
if you're doing any SELinux work - the policy definitions have been worked
on a *lot*. If you can't upgrade, at least get the updated SELinux RPMs (they
should work OK on the FC3 kernel)).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.test.balabit.hu/pipermail/syslog-ng/attachments/20050525/c90243e9/attachment.pgp
More information about the syslog-ng
mailing list