Remote SYSLOG server using hostname…



  • Is there any way of having pfSense in version 2.0-RELEASE use at hostname to locate the remote SYSLOG server?

    Am using a redundant SYSLOG setup where there are more than one server able to proces the request and log it, but this creates duplicate entries at the moment because I have added all IP addresses in the SYSLOG settings on the pfSense.
    However, I wouldn't want to loose any logging because one of the SYSLOG servers go down but the duplicate entries are a bit annoying :)

    Regards,
    Anders


  • Rebel Alliance Developer Netgate

    Even if you could enter a hostname there I believe syslogd only resolves it once when syslog is started, so if you rely on the DNS result changing over time, that wouldn't help you, not unless you somehow also made syslogd restart periodically.



  • The paid version of Kiwi syslog daemon can forward log records to another syslog server but I don't know if it can do that at the same time as logging the messages itself.   You might need to have two paid copies of Kiwi as well.

    EDIT:  Having read the whole of the link below, I see that you don't need the paid version unless you want to spoof the original IP address.

    http://www.kiwisyslog.com/help/syslog/index.html?action_forward_to_another_host.htm

    ~~I don't have the full version but you get 30 days of full function with a trial copy.  ~~It does only run on Windows though.


Log in to reply