Feature: Add option to indicate syslog originating host
TScalzott opened this issue · 0 comments
TScalzott commented
The monitor can be used as a syslog forwarder by allowing remote connections with "accept_remote_connections:true"
However, all forwarded entries will log with $serverHost equal to where the agent is running. An option to override with the name/ip of the syslog entry's sender would allow proper searching for and on those devices.
Alternatively, populating a new variable such as $sendingHost would be acceptable.
There may be a need to take reverse name resolution into account for performance reasons.