Centrelized Logging Problem!
I am Implimenting Centralized syslog at enterprise level with syslog-ng & php-syslog-ng.
At the moment its working fine, however problem i am facing is that its storing logs with IP addresses of All hosts sending logs. So increase the readibility i have given hostnames to IP address in /etc/hosts file.
There are 2 types of Devices sending logs to centralized hosts (on Public IP). One with Public IPs and Other with Private IPs. NOw Problem I am facing is that syslog-ng is storing logs with Hostnames of ones on Public IPs.. however it don't give names to those hosts with private IP.
I have tried running local DNS as well as putting entries in ISP's DNS against those Private IPs. but still it will store logs with private Ips.
Any body have any idea whats wrong here?? Why it is not giving names to hosts with Private IPs??
waiting for some response.