Hostname in Syslog Header Becomes Hyphen when Syslog HOSTNAME Format" is Set to "none""

Hostname in Syslog Header Becomes Hyphen when Syslog HOSTNAME Format" is Set to "none""

19914
Created On 09/26/18 13:54 PM - Last Modified 06/13/23 04:29 AM


Resolution


Overview

In PAN-OS 6.0.0, the following enhancement was added:

Enhancement in the Syslog Header –the user can now choose the format of the hostname field in the syslog header. The syslog header can display one of the following:

  • FQDN (hostname and domain name)
  • Hostname
  • IPv4 address
  • IPv6 address of the sending device

 

This option can be configured in the Send Hostname in Syslog drop-down field on the Device (or Panorama) > Setup > Management > Logging and Reporting Settings section. The drop-down field provides the following choices:

  • FQDN
  • Hostname
  • IPv4 address
  • IPv6 address
  • None (select None to leave the hostname field in the syslog header empty)

 

Details

In PAN-OS 6.0 and above, the hostname in syslog header becomes hyphen as follows when "Syslog HOSTNAME Format" is set to "none".

---------------------------------------

May 8 12:13:17 - 1,2014/05/08

---------------------------------------

Screen Shot 2014-07-09 at 5.42.37 PM.png

 

In PAN-OS 5.0 and 5.1, the hostname in syslog header becomes empty as follows when "Send Hostname in Syslog" is disabled.

---------------------------------------

May 8 12:06:01 1,2014/05/08

---------------------------------------

Screen Shot 2014-07-09 at 5.54.04 PM.png

Syslogs with hostname set to "-" or empty strings are equivalent. In almost all cases, syslog servers prefer getting the "-" for empty values. This is working as expected.

 

owner: ymiyashit
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClzfCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language