[syslog-ng] Forward to eIQ?

Kevin kkadow at gmail.com
Fri Mar 24 00:49:45 CET 2006

Is anybody using syslog-ng to forward events to EIQ's "Syslog Service"?

I'm using Secure Computing's new "Security Reporter" (aka "G2SR"), a
relabeled EIQ product, to process logs from multiple Sidewinder G2

When forwarding events from syslog-ng to EIQ, their proprietary
Windows syslog daemon takes the source IP address of the syslog-ng box
and puts it into the resulting logfiles as the source of the event.

I'm wondering if there's a template() I can use to insert the original
hostname/IP such that EIQ will respect the forwarded hostname, or if I
must use source IP spoofing when forwarding to EIQ?



More information about the syslog-ng mailing list