Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Flume, mail # user - syslogTcp - is it possible to figure out senders IP (if not in message)?

Erik Steffl 2013-05-10, 22:14
Copy link to this message
Re: syslogTcp - is it possible to figure out senders IP (if not in message)?
Alexander Alten-Lorenz 2013-05-11, 05:27
Do you have looked at Interceptors?

=> Host Interceptor

On May 11, 2013, at 12:14 AM, Erik Steffl <[EMAIL PROTECTED]> wrote:

>  is it possible to get the IP of the host that is sending syslog message?
>  Trying to solve the problem of bad sender syslog config (that is missing hostname), would like to be able to somehow identify where are the broken messages coming from.
>  When I looked at syslogTcp http://grepcode.com/file/repository.cloudera.com/content/repositories/releases/org.apache.flume/flume-ng-core/1.3.0-cdh4.2.0/org/apache/flume/source/SyslogUtils.java#SyslogUtils.extractEvent%28org.apache.flume.source.ChannelBuffer%29 I see that it tries to get hostnam eby parsing message. I would like to have a fallback in case message does not have the hostname.
>  thanks!
>    erik

Alexander Alten-Lorenz
German Hadoop LinkedIn Group: http://goo.gl/N8pCF
Erik Steffl 2013-05-14, 01:42