RPZ: log parsing
Hugo Maxwell Connery
hmco at env.dtu.dk
Thu Oct 18 14:09:43 UTC 2012
Hi,
I'm working on a little product which relies on the RPZ facility of BIND,
and particularly on parsing the logs from BIND.
I am using the logging/channel facility in BIND to separate a log which contains only
information relating to recursive queries which have been responded to
from an RPZ zone source. This log I am parsing (to filter before sending the
relevant extracted data to a database).
I have noticed that there have been changes in the format of the log between
version 9.8.X and 9.9.Y of BIND for these log messages.
I ask:
* is there a smarter way of obtaining the details of RPZ based recursive query
responses than parsing the log?
* is it possible to actually specify a log format (a la Apache's CustomLog directive)?
* will BIND develop a stable log format for RPZ based responses?
Thanks to ISC for the RPZ faciltity, and thanks in advance for any responses.
Regards,
--
Hugo Connery, Head of IT, DTU Environment
http://www.env.dtu.dk
More information about the bind-users
mailing list