I have a Lenny server that is acting as a remote syslog server for a variety of devices.
Most of the devices are listed by hostname or IP address in their log entries. Other servers, or devices such as HP Procurve switches are listed by IP address. However I have nine D-Link DWL3200AP WAPs that do not have any sort of IP address or hostname associated with their log entries. So I get nice logs saying that the WAP has associated with a particular MAC address, but I do not know which WAP that was.
I think this is because the default rsyslog template does not include hostname or IP address unless the sending device sends it along.
Googling for "rsyslog default template" leads to lots of pages that mention it, but no pages that I saw that describe what it is other than the default template is hard coded into rsyslog. All I want is to get rsyslog to report the source IP address of a remote log entry. The rest would remain the same.
Does anyone know the default template for rsyslog, or a template that will always include the source IP address of a remote log entry?