[syslog-ng] RE: Removal of forwarder hostname ??
Michael Gehrmann
Michael.Gehrmann at citec.com.au
Mon Jan 23 00:12:57 CET 2006
Hi,
What you are looking for is a compiled option: --enable-spoof-source
You can then enable it in your syslog-ng.conf using the option per destination e.g. destination syslogbox { udp("X.X.X.X" port(514) spoof_source(yes)); };
Regards
Mike
Message: 1
Date: 21 Jan 2006 14:36:50 -0000
From: "krishna y" <krish_bvrm at rediffmail.com>
Subject: [syslog-ng] Removal of forwarder hostname ??
To: syslog-ng at lists.balabit.hu
Message-ID: <20060121143650.19410.qmail at webmail8.rediffmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I have configured the Syslog-ng in HPUX and forwarding the messages to Ciscoworks The original message to Syslog-NG is as following:
Jan 20 12:44:32 SYSNG.it.net CiscoDev01 7366: Jan 20 12:44:31.526 GMT: %SYS-5-CONFIG_I: Configured from 192.168.100.10 by snmp
While forwarding to other syslog server, Syslog-NG is adding it's own host name to the message and sending as below:
Jan 20 12:44:32 SYSNG.it.net CiscoDev01 7366: Jan 20 12:44:31.526 GMT: %SYS-5-CONFIG_I: Configured from 192.168.100.10 by snmp
(Note:SYSNG.it.net = HostName of Syslog-ng server, CiscoDev01=Device hostName)
The final syslog Server(Ciscoworks) is not treating the message is as from the CiscoDev01.There's no use of running script in Ciscoworks box to remove the entry of SYSNG.it.net. It has to be done before receiving the message
How to avoid this at Syslog-NG level? Tried the following options, but no luck: keep_hostname(yes); chain_hostnames(no); long_hostnames(no);
Please let me know the procedure not to append the hostname of the Syslog-NG to the message.
Thanks in advance,
Krishna Y
--------------------------------------------------------
This email and associated attachments may contain confidential and privileged CITEC information that is provided solely for the use of the intended addressee. Views and opinions expressed in this email are those of the individual sender and are not necessarily the views and opinions of CITEC unless the sender expressly states that such views and opinions are those of CITEC. The privilege and confidentiality associated with this email and attachments will not be waived, lost or rescinded by reason of mistaken delivery. Should you receive this email by mistake, please notify the sender by return email then delete the email from your computer system. You must not use, copy, modify, print, or distribute the email or the information and attachments contained within same to any third party. CITEC does not accept any liability in respect of viruses or computer problems experienced by the recipient through access gained to this email and its attachments.
--------------------------------------------------------
________________________________________________________________________
This email has been scanned for viruses by the CITEC Email Anti-Virus service powered by MessageLabs. For more information on a proactive email anti-virus service working around the clock, around the globe, visit www.citec.com.au
________________________________________________________________________
More information about the syslog-ng
mailing list