Differences

This shows you the differences between two versions of the page.

--- ubuntu:bind:logging [2020/12/09 18:13] – [Ubuntu - Bind - Logging] peter
+++ ubuntu:bind:logging [2020/12/09 18:33] (current) – [Syslog Channel] peter
@@ Line 13: / Line 13: @@
 <WRAP info>
-**NOTE:**  BIND 9 categories are:
+**NOTE:**  BIND 9 Channels:
-  * **default**  BIND 9's default category matches all categories not specifically assigned to channels.  BIND 9's default category doesn't match BIND's messages that aren't categorized. Those are part of the category listed next.
+A channel may be defined to go to:
+  * **file**  The file pathname must be specified. Optionally, you can specify how many versions of the file can exist at one time and how big the file may grow.
+  * **syslog**  places logging into syslog.
+  * **null**  For messages you want to throw away.
+</WRAP>
+<WRAP info>
+**NOTE:**   categories are:
+  * **default**  BIND 9's default category matches all categories not specifically assigned to channels.
+    * BIND 9's **default** category doesn't match BIND's messages that aren't categorized. Those are part of the category listed next.
   * **general**  The general category contains all of the BIND messages that aren't explicitly classified.
   * **client**  Processing client requests.
@@ Line 35: / Line 47: @@
 ----
-===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====
+===== File Channel =====
-We need to configure a **channel** to specify which file to send the messages to, and a **category**.
+<code>
+logging{
+  channel my_file {
+    file "log.msgs" versions 3 size 10k;
+    severity dynamic;
+  };
+};
+</code>
-In this example, the category will log all queries.
+----
-Edit /etc/bind/named.conf.local and add the following:
+===== Syslog Channel =====
-<file bash /etc/bind/named.conf.local>
+<code>
 logging {
-    channel query.log {
+  channel my_syslog {
-        file "/var/log/named/query.log";
+    syslog local0; // send to syslog's local0 facility.
-        severity debug 3;
+    severity info; // only send severity info and higher
-    };
+  };
-    category queries { query.log; };
 };
-</file>
+</code>
 <WRAP info>
-**NOTE:**  Channels allow you to filter by message severity. Here is the list of severities:
+**NOTE:**  The **facility** can be specified to be any of the following: kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, or local7.
+The default is **daemon**, and this is the recommended option to be used.
+</WRAP>
+<WRAP info>
+**NOTE:**  Channels allow you to filter by message severity. Here is the list of **severities**:
   * critical
@@ Line 64: / Line 89: @@
   * dynamic
 </WRAP>
+----
+===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====
+We need to configure a **channel** to specify which file to send the messages to, and a **category**.
+In this example, the category will log all queries.
+Edit /etc/bind/named.conf.local and add the following:
+<file bash /etc/bind/named.conf.local>
+logging {
+    channel query.log {
+        file "/var/log/named/query.log";
+        severity debug 3;
+    };
+    category queries { query.log; };
+};
+</file>
 Since the named daemon runs as the bind user the **/var/log/named** directory must be created and the ownership changed: