Hi all,
I have a syslog server that receives logs from several hosts using the standard 514/udp syslog protocol. Most of these systems are internal, so I have added an entry for each in the /etc/hosts file so the names get loged instead of IP addresses.
I'm having a problem where one host logs the FQDN and another host only logs the hostname portion.
/etc/hosts excerpt:
Code:
192.168.1.230 voipfw01.mydom.net
192.168.1.8 main-fw.my-dom.com
Both hosts sent to local4, which I have excluded from all other logs and only writes to /var/log/firewall. In the log, I have:
Code:
Jun 2 10:07:13 main-fw <message>
Jun 2 10:07:14 voipfw.mydom.net <message>
Both FQDN are the same length, so I don't think it's a truncation problem. The only difference that is apparent to me is the hyphens in the second entry.
I need the FQDN to be logged, please help.