I am trying to figure out why Papertrail it not using the hostname as is advertised on this documentation page:
Papertrail honors the hostname sent by your log sender, such as rsyslog or remote_syslog2. By default, this is the system hostname.
Using this docker compose snippet:
services:
nginx:
logging:
driver: syslog
options:
syslog-address: udp://logsN.papertrailapp.com:XXXXX
tag: nginx
creates log entries on Papertrail with the machine IP instead of the hostname.
I have tested the same configuration using local syslog, with the below docker-compose snippet, and I could see the hostname in the log properly.
services:
nginx:
logging:
driver: syslog
Not sure what I am missing.
With the help of the guys at Papertrail, here is the answer:
By default, Docker's syslog driver assumes the logs are being sent to a local syslog daemon, which means the hostname is omitted. To tell it otherwise, specify syslog-format: rfc5424.
logging:
driver: syslog
options:
syslog-format: rfc5424
syslog-address: udp://logsN.papertrailapp.com:XXXXX
tag: nginx