[syslog-ng] Re: newbie question on dns_cache in syslog2.x
jrhendri at maine.rr.com
jrhendri at maine.rr.com
Tue Dec 19 22:16:30 CET 2006
Sorry for the repost.
What do other folks do with large numbers of machines?
Do you not resolve names and log with IP addresses only?
Do you run nscd for local caching?
Just curious.
Jim
----- Original Message -----
From: <jrhendri at maine.rr.com>
Date: Tuesday, December 12, 2006 4:32 pm
Subject: newbie question on dns_cache in syslog2.x
To: syslog-ng at lists.balabit.hu
> Apologies in advance for the the newbie question. I did search the
> archives, the FAQ and look at the source before posting.
>
> I am configuring a fedora core 5 system with syslog-ng-2.0rc4 and have
> not had any success with dns_cache(yes) actually doing anything.
>
> I setup tcpdump to watch the DNS traffic and am generating logs toward
> the box. No matter whether I have dns_cache enabled or not I see dns
> lookups for each inbound message. When I look at the source code, I
> findthe resolve_hostname() function in misc.c and I don't see any
> cachingcode. What I do see is:
>
> /* FIXME: add nscache support here */
>
> Am I missing something? How does dns_cache(yes) actually work?
>
> I do want to use hostnames in the logging directories, but I do not
> wanteach syslog message to trigger a DNS query. Should I just use
> nscd on
> the server and not worry about it :-)
>
> Thanks again!
>
> Jim
>
>
>
More information about the syslog-ng
mailing list