[syslog-ng] Host/IP Macros in relay chains
Balazs Scheidler
bazsi at balabit.hu
Fri Jan 9 19:09:54 CET 2009
On Fri, 2009-01-09 at 10:46 +0000, Pennington, Philip wrote:
> Sandor,
>
>
> Thanks for your comments and useful suggestions.
>
> The requirement is somewhat complicated in that at a point along the
> chain, I need to have the originating hostname for host filtering
> purposes, whereas at the end of the chain, I need syslog-ng to present
> the IP. That's why I began talking about reverse name resolution on the
> last relay.
well, with syslog-ng 3.0 and parse/rewrite you could probably encode all
the needed information into the message payload and the change it back
at the endpoints.
see my blog about parse/rewrite capabilities:
http://bazsi.blogs.balabit.com/2008/10/syslog-ng-message-parsing.html
or the what's new document:
http://www.balabit.com/dl/guides/syslog-ng-v3.0-guide-whatsnew-en.pdf
the open source version of syslog-ng 3.0 is already released, although
the official announcement is still due.
--
Bazsi
More information about the syslog-ng
mailing list