Logging question

WBrown at e1b.org WBrown at e1b.org
Thu Sep 8 18:30:46 UTC 2011 

Running an Ubuntu server with the distro provided named 9.4.2.df.  After 
taking ISC's Intro to DNS and BIND class, I've gotten the courage to 
tackle some of the logging tweaks I would like.  All the lame server 
errors are happily being delivered to the null channel.  I also figured 
out how to log queries for troubleshooting and keep it from filling the 
hard drive.

On one of our servers, there are a number of Windows systems that are 
attempting to update zones which we do not allow.  It is not possible to 
get all those machines changed to turn off this "feature."  I thought I 
should be able change the logging to deliver these messages to a custom 
channel for testing, and then change it to the null channel when I was 
satisfied with the results.  Unfortunately, it doesn't work. 

Here is the copy of my logging statement:


logging {

        channel query_log {
                file "query.log"
                versions 3
                size 20m;
                print-time yes;
                print-category yes;
                print-severity yes;
        };

        // category queries { query_log; };


        // Send all lame server errors to the null channel
        category lame-servers { null; };

        // send all dynamic update messages to the null channel
                // too bad it don't work!
        category update { query_log; };
};

Logged messages are like this:

Sep  8 14:09:22 ns1 named[19392]: client 172.19.161.22#53489: update 
'19.172.IN-ADDR.ARPA/IN' denied

In addition to the update category, I tried client and security 
categories.  Errors continued to be logged in /var/log/daemon.log instead 
of query.log (eventually null).

Any suggestions?

-- 

William Brown
Web Development & Messaging Services
Technology Services, WNYRIC, Erie 1 BOCES




Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.

More information about the bind-users mailing list