syslogd logging to remote host problem

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

syslogd logging to remote host problem

Kapetanakis Giannis
Hi,

If you enable remote syslog (@tls4://log.example.com:6514) in /etc/syslog.conf
and syslogd is started before network is available then the machine will never log to remote syslog server even after network is up.

This is due to failure in name resolution which is permanent (no retries).
This happens because the name resolution is in config file checks cfline()

[priv]: msg PRIV_GETADDRINFO received
syslogd: bad hostname "@tls4://log.example.com:6514"

If you reload the syslogd server, after network is ready then logging will start.

If you add the IP of the remote server in /etc/hosts then you get "Network is down" and syslogd will retry until is connected which is logical.

syslogd: connect "@tls4://log.example.com:6514": Network is down
logmsg: pri 053, flags 0x4, from dev, msg syslogd: connect "@tls4://log.example.com:6514": Network is down
Logging to FORWTLS @tls4://log.example.com:6514
Logging to FILE /var/log/messages
tcp connect retry: wait 1
syslogd: connect "@tls4://log.example.com:6514": Network is down
logmsg: pri 053, flags 0x4, from dev, msg syslogd: connect "@tls4://log.example.com:6514": Network is down

But adding the IP in /etc/hosts is not ideal, nor reloading the syslogd after a while.

Sorry I cannot provide a patch for this refactoring, just report it.

regards,

G