Syslog Server and Clients

Posted on 2004-11-24
Last Modified: 2013-12-09
I have installed Syslog-ng on a OpenBSD 3.4 Server. working.....
But i have one little problem:
My Syslog Server is in a Server room, 100 miles away from home
I have 2 OpenBSD Servers at home. Both servers are logging on the Syslog Server.
But i cannot find how to sepperate those two server. cause on the syslog server the host says both:
but one server has a hostname
and the other one is the outside address of my dsl...

How can i tell the syslog-server that he must keep the local-hostname of the servers, not the outside addresses...
Question by:ColinWebdesign
    LVL 61

    Accepted Solution

    you cannot, syslog records address it received message from
    that is the limitation of NAT technology

    Author Comment

    to bad :(
    LVL 45

    Expert Comment

    Hi ColinWebdesign,

    gheist is right in saying that you can't. However, it might still be possible to differentiate between the messages from these servers. To achieve this, you will have to modify the syslog server on atleast one machine to prefix an identifier/string to all messages that it logs.

    It is a bit more work than simply modifying a configuration file but should not be too difficult/time consuming and is definitely a possibility. However, bear in mind that the modification is non-standard behavior and will serve in your specific scenario.

    LVL 61

    Expert Comment

    given limitation that all config is done _only_ on syslog server, your answer is completely wrong.
    otherwise there should be mention of IPSEC from me.
    LVL 45

    Expert Comment

    Hi gheist,

    I could not see any such limitation stated in the question. I beleive that since messages are being forwarded to the syslog server, appropriate configuration would have been done on all three machines!! Moreover,  the solution does not involve a change in the configuration.

    Whatever the limitations of the solution, they have been very clearly outlined in my post. I do not see why you need to mention IPSEC in this scenario.

    Simple thing is that at some point syslogd process on the home machines is writing the log string to a file/socket descriptor. All asker has to do is prefix a differntiating string to the logged message at that point.

    An alternate mechanism will be to run a wrapper process on the home machine to listen to all log messages, prefix identifying string and then pass the message on to syslogd process. More work, but more portable too !!

    Not as easy as changing a variable in config file and restarting the daemon but atleast a solution - tad bit better than impossible. ;-)


    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
    Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
    Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
    In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now