Hostname with forwarding

This is the place for you, if you got rsyslog up and running but wonder how to make it do what you want.

Moderator: rgerhards

Google Ads


Hostname with forwarding

Postby Caro1906 » Tue Aug 30, 2016 8:03 am

Hello,

I have a rsyslog server (vm-1) and kiwi syslog server. My equipments send informations to my rsyslog server, after i make forwarding to my kiwi syslog server.
The forwarding is "ok" but the hostname is the name to my rsyslog server "vm-1". Can we have the name of the original equipment in rsyslog server?

Thank you
Caro1906
New
 
Posts: 1
Joined: Tue Aug 30, 2016 7:49 am

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Re: Hostname with forwarding

Postby uppsalanet » Mon Sep 05, 2016 3:29 pm

Try use a template for ffwd using %FROMHOST%:
Code: Select all
template (name="fwdCSIRT" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %FROMHOST% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%")


Or use from sendig part:
#Rsyslog uses the glibc routine gethostname() or gethostbyname() to determine the hostname
#of the local machine The gethostname() or gethostbyname() routine check the contents of
#/etc/hosts for the fully qualified domain name (FQDN) if you are not using BIND or NIS.
#The output of hostname --short will be used by rsyslog when writing log messages. You will
#have to add $PreserveFQDN on to the beginning of the file (before using any directive that
#write to files). This is because, rsyslog reads config file and applies it on-the-go and
#then reads the later lines.
Code: Select all
$PreserveFQDN on
uppsalanet
Avarage
 
Posts: 18
Joined: Thu Apr 28, 2016 9:09 am

Re: Hostname with forwarding

Postby PCnetMD » Thu Jul 13, 2017 5:17 pm

Did this get resolved?
If so, can you share what you did?
Thank you.
PCnetMD
New
 
Posts: 3
Joined: Fri Jun 30, 2017 2:14 pm

Google Ads



Return to Configuration

Who is online

Users browsing this forum: No registered users and 1 guest

cron