Send hostnames in RFC 3164 messages

[julienjpk-withings]

While running flexi_logger across a couple of syslog-ng relays, we noticed that all our logs seemed to originate from 127.0.0.1. After some digging, we saw that the messages written by flexi_logger were missing a hostname, and so our first relay, running locally, was adding it in an attempt to comply with RFC 3164 section 4.3.2.

If a relay does not find a valid TIMESTAMP in a received syslog packet, then it MUST add a TIMESTAMP and a space character immediately after the closing angle bracket of the PRI part. It SHOULD additionally add a HOSTNAME and a space character after the TIMESTAMP.

Reading up a bit, we can indeed see that an RFC 3164 header is, ideally, expected to contain a hostname (section 4.1.2).

The HEADER contains two fields called the TIMESTAMP and the HOSTNAME. [...] HOSTNAME will contain the hostname, as it knows itself.

However that RFC is also very accepting of all sorts of variations, so a message without a hostname will typically go through anyway (section 4.2).

There are no set requirements on the contents of the syslog packet as it is originally sent from a device. It should be reiterated here that the payload of any IP packet destined to UDP port 514 MUST be considered to be a valid syslog message.

That being said,

It is, however, RECOMMENDED that the syslog packet have all of the parts described in Section 4.1 - PRI, HEADER and MSG - as this enhances readability by the recipient and eliminates the need for a relay to modify the message.

So this PR does just that and adds the hostname to the message before sending it out :)

[emabee]

Thanks for the PR! It is merged and contained in flexi_logger v0.31.7.