selective query logging

Kevin Darcy kcd at daimlerchrysler.com
Tue Nov 14 22:32:44 UTC 2000


No way within BIND that I know of. I think the main problem is that the query is
logged before named even knows whether the name is in an authoritative zone or not.
But you could use Perl or maybe even just egrep -v -f to weed out unwanted queries
in a relatively sane way. The advantage of Perl would be that it could parse the
named.conf to determine what domains to weed out, so you wouldn't have to
constantly maintain a list of those domains. If you need even more speed, write a
lean-and-mean C program to do it.

In the long term, you might want to consider separating recursive from recursive
service. Among other benefits, such a separation makes this kind of analysis much
cleaner.


- Kevin

Rob Bos wrote:

> Been beating my head against a minor problem for a week or so now, haven't
> found anything that looks relevant in the BIND mailing lists.
>
> Is it possible to selectively log name queries for domains that I am not
> authoritative for?  i.e, a request for slashdot.org gets logged, but a request
> for mydomain.foo doesn't.
>
> The purpose is to clean up log files, primarily, and given the number of
> domains we host, it's impractical to do a string of grep -e -v -v -v's on the
> command line.
>
> A problem like this isn't really important enough to go to the length of hacking
> BIND source, and I don't have the skills anyhow, but it would be nice to know
> if the facility to do this cleanly exists.






More information about the bind-users mailing list