I have posted that on syslog-ng mailing-list, but i don't have any answer for now...I try to submit my problem to debian's experts
I work for a lange society, and we use syslog-ng for 5 years now.We have a centralized server with storage tank to keep logs securly.
Concretely, we have 2 centralized servers syslog-ng in chrooted environement, and 50 clients servers.
Since we use TLS transport in place of stunnel workaround, we have many issues :Β*- First of all, many logs aren't writen in $HOST folder but in IPADDRESS folder. So, to be clear, this is an exemple :
# lsdrwxr-x--- Β* 8 root adm Β* Β* Β*4,0K Β*1 mars Β*00:07Β*10.0.0.1drwxr-x--- Β*53 root adm Β* Β* Β*4,0K 19 mars Β*00:35 host1
I assume thatΒ*host1Β*haveΒ*10.0.0.1Β*IP address andΒ*
# tree 192.168.100.79/2012-03/10.0.0.1/2012-03/βββ 02-user-10.0.0.1.log.bz2
βββ 06-user-10.0.0.1.log.bz2βββ 07-user-10.0.0.1.log.bz2βββ 08-user-10.0.0.1.log.bz2βββ 09-user-10.0.0.1.log.bz2βββ 12-user-10.0.0.1.log.bz2
βββ 13-user-10.0.0.1.log.bz2βββ 14-user-10.0.0.1.log.bz2βββ 15-user-10.0.0.1.log.bz2βββ 16-user-10.0.0.1.log.bz2βββ 19-user-10.0.0.1.log
# tree host1/2012-03/ |grep 19-βββ 19-apache.access-host1.logβββ 19-apache.error-host1.logβββ 19-authpriv-host1.logβββ 19-auth-host1.log
βββ 19-cron-host1.logβββ 19-daemon-host1.logβββ 19-kern-host1.logβββ 19-mail-host1.logβββ 19-nagios-host1.logβββ 19-puppetd-host1.logβββ 19-syslog-host1.log
(we have this problem with many servers)In facility "user" for hostΒ*10.0.0.1Β*in fact i have log for snmptrapd... But why ??
We have config for snmpd but not for snmptrapd...Β*So i have tried to define a default facility => failedAfter i have tried many dns and hostnames options => failed
As anyone here have a way to search for me ?If you need more details, i'm your's.