Description of log file contents
David Forrest
drf at maplepark.com
Thu Apr 14 21:43:49 UTC 2011
On Thu, 14 Apr 2011, Alex wrote:
> Hi,
> I would figure this is a FAQ, but I can't find it. My apologies if I
> somehow missed searching properly.
>
> Where can I find a description of what the variables at the end of the
> line in the query log mean? For example:
>
> 14-Apr-2011 17:27:54.277 queries: client 67.210.0.112#17930: query:
> ns1.colo.com IN AAAA -E
> 14-Apr-2011 17:27:55.061 queries: client 98.139.193.153#54962: query:
> cape.com IN MX -E
> 14-Apr-2011 17:27:55.160 queries: client 202.160.178.228#45211: query:
> www.call-anyone.com IN A -
> 14-Apr-2011 17:27:55.317 queries: client 69.162.74.234#6673: query:
> mydomain.net IN ANY +
> 14-Apr-2011 17:27:55.766 queries: client 63.230.177.41#20138: query:
> ns.mydomain.com IN A -E
> 14-Apr-2011 17:27:55.818 queries: client 131.167.253.42#50026: query:
> 102.96/28.188.104.66.in-addr.arpa IN PTR -
>
> I understand the "A" and "IN", of course, but what is -E and just + and - ?
>
> Does it have to do with whether it was found in the cache?
>
> Thanks,
> Alex
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>From the ARM (included in source dist)
"queries
The query log entry reports the client’s IP address and
port number, and the query name, class and type. Next
it reports whether the Recursion Desired flag was set
(+ if set, - if not set), if the query was signed (S),
EDNS
was in use (E), if TCP was used (T), if DO (DNSSEC Ok)
was set (D), or if CD (Checking Disabled) was set (C).
After this the destination address the query was sent to
is reported."
Dave
--
St. Louis, Missouri
More information about the bind-users
mailing list