Syslog Server and Clients

I have installed Syslog-ng on a OpenBSD 3.4 Server. working.....
But i have one little problem:
My Syslog Server is in a Server room, 100 miles away from home
I have 2 OpenBSD Servers at home. Both servers are logging on the Syslog Server.
But i cannot find how to sepperate those two server. cause on the syslog server the host says both: home.domain.com
but one server has a hostname gw01.domain.com
and the other one gw02.domain.com
home.domain.com is the outside address of my dsl...

How can i tell the syslog-server that he must keep the local-hostname of the servers, not the outside addresses...
ColinWebdesignAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
you cannot, syslog records address it received message from
that is the limitation of NAT technology
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ColinWebdesignAuthor Commented:
to bad :(
0
sunnycoderCommented:
Hi ColinWebdesign,

gheist is right in saying that you can't. However, it might still be possible to differentiate between the messages from these servers. To achieve this, you will have to modify the syslog server on atleast one machine to prefix an identifier/string to all messages that it logs.

It is a bit more work than simply modifying a configuration file but should not be too difficult/time consuming and is definitely a possibility. However, bear in mind that the modification is non-standard behavior and will serve in your specific scenario.

cheers
sunnycoder
0
gheistCommented:
given limitation that all config is done _only_ on syslog server, your answer is completely wrong.
otherwise there should be mention of IPSEC from me.
0
sunnycoderCommented:
Hi gheist,

I could not see any such limitation stated in the question. I beleive that since messages are being forwarded to the syslog server, appropriate configuration would have been done on all three machines!! Moreover,  the solution does not involve a change in the configuration.

Whatever the limitations of the solution, they have been very clearly outlined in my post. I do not see why you need to mention IPSEC in this scenario.

Simple thing is that at some point syslogd process on the home machines is writing the log string to a file/socket descriptor. All asker has to do is prefix a differntiating string to the logged message at that point.

An alternate mechanism will be to run a wrapper process on the home machine to listen to all log messages, prefix identifying string and then pass the message on to syslogd process. More work, but more portable too !!

Not as easy as changing a variable in config file and restarting the daemon but atleast a solution - tad bit better than impossible. ;-)

cheers!
sunnycoder
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.