Logging question
WBrown at e1b.org
WBrown at e1b.org
Thu Sep 8 18:30:46 UTC 2011
Running an Ubuntu server with the distro provided named 9.4.2.df. After
taking ISC's Intro to DNS and BIND class, I've gotten the courage to
tackle some of the logging tweaks I would like. All the lame server
errors are happily being delivered to the null channel. I also figured
out how to log queries for troubleshooting and keep it from filling the
hard drive.
On one of our servers, there are a number of Windows systems that are
attempting to update zones which we do not allow. It is not possible to
get all those machines changed to turn off this "feature." I thought I
should be able change the logging to deliver these messages to a custom
channel for testing, and then change it to the null channel when I was
satisfied with the results. Unfortunately, it doesn't work.
Here is the copy of my logging statement:
logging {
channel query_log {
file "query.log"
versions 3
size 20m;
print-time yes;
print-category yes;
print-severity yes;
};
// category queries { query_log; };
// Send all lame server errors to the null channel
category lame-servers { null; };
// send all dynamic update messages to the null channel
// too bad it don't work!
category update { query_log; };
};
Logged messages are like this:
Sep 8 14:09:22 ns1 named[19392]: client 172.19.161.22#53489: update
'19.172.IN-ADDR.ARPA/IN' denied
In addition to the update category, I tried client and security
categories. Errors continued to be logged in /var/log/daemon.log instead
of query.log (eventually null).
Any suggestions?
--
William Brown
Web Development & Messaging Services
Technology Services, WNYRIC, Erie 1 BOCES
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the bind-users
mailing list