Forum Discussion
Rsyslog Linux Machine to Sentinel
Hi All, we implement two Linux machine, one for collect log and send it to Microsoft Sentinel and another machine that send log from syslog to this collector, all works fine log sent correctly to Sen...
- Hello Guido,
I believe the Host IP is obtained via DNS lookup. A log collector agent (either LAA/MMA or AMA) will try to resolve the hostname within the syslog event using its hosts DNS configuration (usually configured within /etc/resolv.conf. Make sure the required search domains have been configured, and the hostname matches a record within your DNS server.
Regards,
Arjan
Hello Guido,
I believe the Host IP is obtained via DNS lookup. A log collector agent (either LAA/MMA or AMA) will try to resolve the hostname within the syslog event using its hosts DNS configuration (usually configured within /etc/resolv.conf. Make sure the required search domains have been configured, and the hostname matches a record within your DNS server.
Regards,
Arjan
I believe the Host IP is obtained via DNS lookup. A log collector agent (either LAA/MMA or AMA) will try to resolve the hostname within the syslog event using its hosts DNS configuration (usually configured within /etc/resolv.conf. Make sure the required search domains have been configured, and the hostname matches a record within your DNS server.
Regards,
Arjan
- Thanks a lot smid, i modify dns configuration in this file and resolve my issue 🙂
Many Thanks,
Guido