I'm used to seeing IPs in the hostname field, but I've been getting some thermal warnings coming in with a blank hostname field. Can anyone tell me what's causing this or give me some hints on where to look?
Thanks
Most likely, this device has multiple IP addresses, and the message that came in has a source IP address other than the IP address for the node. Therefore, there won't be a match in the database, and the hostname will show up blank. You can fix that issue by using the logging source-interface <interface> command. But if you use that, then you might not know what the source address is from. If you use the command logging origin-id hostname, the name of the device will show up in the log message. This command is only available with certain versions of IOS, and not on switches, though.
Hi! Thanks for the input.
My understanding of this is that, if the IP is the same as a device you monitor, it'll show the appropriate hostname and be a clickable link to that devices node page. If it's not a monitored IP, the hostname field will only show the source IP address that the syslog came from.
Sorry, you are right. The node name will be blank, but the hostname will have the source IP address.
If it's not a monitored IP address in Orion, you can just add an entry for it in DNS. That way it will still resolve to a name.
Anyone on the product team have any ideas?
I am having the same issue, Has there been any update to this problem?
