[syslog-ng] DNS hostnames vs. /etc/hosts?
micah milano
micaho at gmail.com
Mon Mar 13 15:05:10 CET 2006
Hi,
I'm doing remote logging from one client, whose actual hostname is
"ibis", however the logs are being sent through an openVPN tunnel so
the receiving log server has this in /etc/hosts:
127.0.0.1 localhost emu
10.8.0.5 ibis-vpn
What I cannot figure out is why a log directory is created for both
"ibis" and "ibis-vpn", I want all the logs from that host to appear in
one directory.
On the client I have:
destination server { tcp("10.8.0.1" port(514)); };
On the server I have:
options {
long_hostnames(off);
sync(1);
stats(0);
log_fifo_size(2048);
dns_cache(yes);
keep_hostname(yes);
bad_hostname("gconfd");
create_dirs(yes);
};
source tcp_src { tcp(max-connections(1000)
tcp-keep-alive(yes)); };
destination remote_servers { file("/whopper/logs/$HOST/$FACILITY.log"
owner(root)
group(adm)
perm(0640)
dir_perm(0755)
create_dirs(yes)); };
log {
source(tcp_src);
destination(remote_servers);
flags(final);
};
More information about the syslog-ng
mailing list