Log sink does not look for dns change

Document ID : KB000106973
Last Modified Date : 18/07/2018
Show Technical Document Details
Issue:
The Log sink has been set to push audit logs to a syslog server. The hostname of the syslog server has been used in the configuration. 
The following procedure was used.
https://docops.ca.com/ca-api-gateway/9-1/en/configure-security/tasks-menu-security-options/manage-log-audit-sinks/how-to-audit-to-a-remote-syslog

Use Case/Problem:  The ip address of the syslog server changed and the dns was updated. The gateway still sends the syslog to the old ip address. 
Cause:
Checking the name resolution before sending the log message is a huge task. This would mean, that before sending every log message, there should be a check on the name resolution. This would put a heavy load on the network as there may be several logs sent every second. By default even syslog is set as UDP. 
Resolution:
Gateway is working as designed. The gateway does not check for ip address change every time there it sends out a syslog. The gateway service has to be restarted for the dns to be checked.