Meraki

PaulHenry · ‎Jan 25 2019

We have multiple MX-250 devices on the network and I am using rsyslog to collect my logs.

As of now, the hostname in the logs shows as "_gateway". If I send logs from an Ubuntu host, I get the correct hostname in the log file,but not when the logs come from the MX-250.

Our MX-65 shows in the the syslogs with its IP address, as do all the access points. Where is the "_gateway" name coming from for the MX-250?

Is there a place to set this in the configuration screens?

This is what the log entry looks like:

2019-01-25T15:38.16986678-5:00 _gateway 1548448.1704225745 ip_flow_end src=...

Thanks in advance for any ideas.

PaulHenry · ‎Jan 25 2019

That is exactly what is happening! It is the syslog server that is setting the hostname, not the MX-250

All I had to do was put an entry in /etc/hosts and restart rsyslog

Thank you.

-Paul

View solution in original post

PhilipDAth · ‎Jan 25 2019

If you do an nslookup on the MX250 IP address it doesn't resolve to that name by chance does it?

BrechtSchamp · ‎Jan 25 2019

Any chance the syslog server puts it in there like that because it detects the source is it's own default gateway?

PaulHenry · ‎Jan 25 2019