[syslog-ng] Forward to eIQ?
kkadow at gmail.com
Fri Mar 24 00:49:45 CET 2006
Is anybody using syslog-ng to forward events to EIQ's "Syslog Service"?
I'm using Secure Computing's new "Security Reporter" (aka "G2SR"), a
relabeled EIQ product, to process logs from multiple Sidewinder G2
When forwarding events from syslog-ng to EIQ, their proprietary
Windows syslog daemon takes the source IP address of the syslog-ng box
and puts it into the resulting logfiles as the source of the event.
I'm wondering if there's a template() I can use to insert the original
hostname/IP such that EIQ will respect the forwarded hostname, or if I
must use source IP spoofing when forwarding to EIQ?
More information about the syslog-ng