[syslog-ng] bugreport for 1.9.5 on solaris
Roberto Nibali
ratz at drugphish.ch
Sat Oct 8 00:18:55 CEST 2005
> Yeah, but then you wouldn't even think of this option in that case.
True.
> At least one of the sample configurations on my site has one:
>
> bad_hostname("^(ctld.|cmd|tmd|last)$");
>
>>> Make sense?
>> Thanks, Nate. Yes it does, but does it handle all possible cases? Maybe
>> the Pareto principle applies ...
>
> If you're saying that this is not important, maybe it's not to you, but
> people using the really common destination like this:
I don't mean to imply that this is not important, I just like to discuss
the correctness of the implementation at this point. Your explanation
before rendered the necessity for such a feature perfectly clear.
> destination hosts {
> file("/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY"
> owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
> };
>
> ...will see all kinds of crazy hostname directories that don't match any
> host. Perhaps they should not use keep_hostname and only use IPs - which
> sounds great.
We also use such destination, it's a typical "config" for central
loghost servers. I normally don't configure our projects so I'm not too
fluent with the options. I'm certain we use this option as well in our
configs.
> BUT WAIT - that means "ctld" will be tossed and you'll permanently only
> have "8.9" as the program name for all your "ctld 8.9" processes. Same
> goes for other "bad hostnames".
I need to think a bit about this, maybe we find an alternative solution.
> If I remember correctly this is the reason Bazsi was convinced to create
> the bad_hostname option, he saw that information was actually lost when
> you tried to "do the right thing."
The fruits of this labour can be found in src/log.c:parse_log_msg().
Thanks for your patience and yes, it's definitely missing in 1.9.x.
Regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
More information about the syslog-ng
mailing list