Link to home
Start Free TrialLog in
Avatar of linuxperson
linuxpersonFlag for Canada

asked on

syslog server is not getting the source hostname

http://www.campin.net/syslog-ng/expanded-syslog-ng.conf

HOST               The name of the source host where the message
#                       is originated from. If the message traverses
#                       several hosts, and chain_hostnames() is on,
#                       the first one is used.

destination std {
        file ("/var/log/HOSTS/$YEAR-$MONTH/$HOST/$FACILITY-$YEAR-$MONTH-$DAY"
                owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)
        );
};


when i used $HOST i am getting IP address of the host and not the hostname

why?
Avatar of Mark
Mark
Did you try $HOSTNAME instead of $HOST?
Avatar of Steven Vona
Steven Vona
Flag of United States of America image
Does the machine have access to a DNS server to resolve the IP to a host (PTR) record?
Avatar of gheist
gheist
Flag of Belgium image
If you resolve reverse DNS it will add 1/1000-15s delay before log message hits the disk. You can resolve IPs offline if you really need it later.
Avatar of Steven Vona
Steven Vona
Flag of United States of America image
@gheist, if your DNS takes 15 seconds to answer you have more problems than syslog.

You can also add all the hostname to the host file on the syslog server if you do not want to send a bunch or queries to your DNS server.
SOLUTION
Avatar of gheist
gheist
Flag of Belgium image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Steven Vona
Steven Vona
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Avatar of linuxperson
linuxperson
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of linuxperson
linuxperson
Flag of Canada image

ASKER

I've requested that this question be closed as follows:

Accepted answer: 0 points for linuxperson's comment #a40689985
Assisted answer: 250 points for gheist's comment #a40677412
Assisted answer: 250 points for savone's comment #a40677851

for the following reason:

found solution myself
Avatar of Steven Vona
Steven Vona
Flag of United States of America image
I have to object, I mentioned DNS issues several times. My first comment was questioning about DNS.
Avatar of gheist
gheist
Flag of Belgium image
We both can be right in a good solution - no more inline lookup and DNS fixed - a clear win-win...