Wiki

User Tools

Site Tools

Trace:
ubuntu:bind:logging

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ubuntu:bind:logging [2020/12/09 17:47] peterubuntu:bind:logging [2020/12/09 18:33] (current) – [Syslog Channel] peter
Line 11: Line 11:
 }; };
 </file> </file>
 +
 +<WRAP info>
 +**NOTE:**  BIND 9 Channels:
 +
 +A channel may be defined to go to:
 +
 +  * **file**  The file pathname must be specified. Optionally, you can specify how many versions of the file can exist at one time and how big the file may grow.
 +  * **syslog**  places logging into syslog.
 +  * **null**  For messages you want to throw away.
 +
 +</WRAP>
 +
 +<WRAP info>
 +**NOTE:**   categories are:
 +
 +  * **default**  BIND 9's default category matches all categories not specifically assigned to channels.
 +    * BIND 9's **default** category doesn't match BIND's messages that aren't categorized. Those are part of the category listed next.
 +  * **general**  The general category contains all of the BIND messages that aren't explicitly classified.
 +  * **client**  Processing client requests.
 +  * **config**  Configuration file parsing and processing.
 +  * **database**  Messages relating to BIND's internal database; used to store zone data and cache records.
 +  * **dnssec** Processing DNSSEC-signed responses.
 +  * **lame-servers**  Detection of bad delegation (re-added in BIND 9.1.0; before that, lame server messages were logged to resolver).
 +  * **network**  Network operations.
 +  * **notify**  Asynchronous zone change notifications.
 +  * **queries**  Query logging (added in BIND 9.1.0).
 +  * **resolver**  Name resolution, including the processing of recursive queries from resolvers.
 +  * **security**  Approved/unapproved requests.
 +  * **update**  Dynamic update events.
 +  * **xfer-in**  Zone transfers from remote name servers to the local name server.
 +  * **xfer-out**  Zone transfers from the local name server to remote name servers.
 +
 +</WRAP>
  
 ---- ----
  
-===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====+===== File Channel =====
  
-We need to configure a **channel** to specify which file to send the messages to, and a **category**.+<code> 
 +logging{ 
 +  channel my_file { 
 +    file "log.msgs" versions 3 size 10k; 
 +    severity dynamic; 
 +  };  
 +}; 
 +</code>
  
-In this example, the category will log all queries. +----
  
-Edit /etc/bind/named.conf.local and add the following:+===== Syslog Channel =====
  
-<file bash /etc/bind/named.conf.local>+<code>
 logging { logging {
-    channel query.log +  channel my_syslog 
-        file "/var/log/named/query.log"; +    syslog local0; // send to syslog's local0 facility
-        severity debug 3+    severity info// only send severity info and higher 
-    }; +  }; 
-    category queries { query.log; };+
 }; };
-</file>+</code> 
 + 
 +<WRAP info> 
 +**NOTE:**  The **facility** can be specified to be any of the following: kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, or local7.  
 + 
 +The default is **daemon**, and this is the recommended option to be used. 
 + 
 +</WRAP>
  
 <WRAP info> <WRAP info>
-**NOTE:**  Channels allow you to filter by message severity. Here is the list of severities:+**NOTE:**  Channels allow you to filter by message severity. Here is the list of **severities**:
  
   * critical   * critical
Line 43: Line 89:
   * dynamic   * dynamic
 </WRAP> </WRAP>
 +
 +----
 +
 +===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====
 +
 +We need to configure a **channel** to specify which file to send the messages to, and a **category**.
 +
 +In this example, the category will log all queries. 
 +
 +Edit /etc/bind/named.conf.local and add the following:
 +
 +<file bash /etc/bind/named.conf.local>
 +logging {
 +    channel query.log {
 +        file "/var/log/named/query.log";
 +        severity debug 3;
 +    };
 +    category queries { query.log; };
 +};
 +</file>
  
 Since the named daemon runs as the bind user the **/var/log/named** directory must be created and the ownership changed: Since the named daemon runs as the bind user the **/var/log/named** directory must be created and the ownership changed:
Line 60: Line 126:
  
 <WRAP info> <WRAP info>
-**NOTE:  This is a simple example of the BIND9 logging options.+**NOTE:**  This is a simple example of the BIND9 logging options.
  
 For coverage of advanced options see [[https://ubuntu.com/server/docs/service-domain-name-service-dns#heading--dns-more-info|More Information]]. For coverage of advanced options see [[https://ubuntu.com/server/docs/service-domain-name-service-dns#heading--dns-more-info|More Information]].
ubuntu/bind/logging.1607536034.txt.gz · Last modified: 2020/12/09 17:47 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki