[syslog-ng] SSL encapsulation for TCP transport?

Alexi Papaleonardos alexi.papaleonardos at hypermediasystems.com
Tue Jan 3 18:45:59 CET 2006


The big problem with tunneling the session is that $HOST gets set to 
what the sending host thinks its name is, not the reverse-resolved name 
of the originating IP address.  So in our organization, where we have 
lots of servers named web001.unit1 or web001.unit2 (internal DNS of 
course), a reasonable-looking destination file like 
/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY results 
in log lines from multiple hosts getting mingled together in the same 
files if their logs are delivered via stunnel. 

If anyone has figured out a way to solve this problem please share!

Alexi

Bill Nash wrote:
>
> Is it planned? I'm lookin around, and see previous mention of it, but 
> nothing concrete. Yes, I know you can just tunnel the session, but I'd 
> prefer native transport.
>
> - billn
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>



More information about the syslog-ng mailing list