approach on parsing the query-log file

Jonathan Petersson jpetersson at garnser.se
Tue Apr 28 22:19:53 UTC 2009


Ah, i.e. I'm using an incorrect log facility... that would explain things.

Either way, I did try to parse tcpdump for queries, the problem I'm
getting is that perl isn't the best option for this so I'm going to
look into whether things could get sped up with python or something.

/Jonathan

2009/4/28 Jeremy C. Reed <Jeremy_Reed at isc.org>:
> On Tue, 28 Apr 2009, Jonathan Petersson wrote:
>
>> I did try to run the following option:
>> syslog named;
>
> syslog should define a "syslog facility".
>
> Look in the openlog, syslog and/or syslog.conf manual pages to see lists
> of facilities. The ARM says: "The syslog destination clause directs the
> channel to the system log. Its argument is a syslog facility as described
> in the syslog man page. Known facilities are kern, user, mail, daemon,
> auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1,
> local2, local3, local4, local5, local6 and local7, however not all
> facilities are supported on all operating systems."
>
>> but when matching on named.* in syslog.conf there's no output.
>
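
Added example, not part of the original thread: a named.conf logging clause that sends the queries category to a real syslog facility, with the matching syslog.conf selector. The channel name `query_syslog`, the choice of `local0` and the log file path are assumptions; use any facility from the ARM list that your operating system supports.

```conf
# --- named.conf ---
# "syslog named;" is not valid because "named" is not a syslog facility.
# The argument must be one of the facilities listed in the ARM,
# for example local0.
logging {
    channel query_syslog {
        syslog local0;        # facility, not a program name
        severity info;        # query log messages are logged at info
    };
    category queries { query_syslog; };
};

# --- syslog.conf ---
# Selectors match on facility.priority, so "named.*" never matches.
# Match the facility chosen in the channel above instead.
local0.*        /var/log/named-queries.log
```

Reload named and the syslog daemon after changing both files so that the new channel and the new selector take effect together.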


