RPZ: log parsing

Hugo Maxwell Connery hmco at env.dtu.dk
Thu Oct 18 14:09:43 UTC 2012


Hi,

I'm working on a little product which relies on the RPZ facility of BIND,
and particularly on parsing the logs from BIND.

I am using the logging/channel facility in BIND to separate a log which contains only
information relating to recursive queries which have been responded to
from an RPZ zone source.  This log I am parsing (to filter before sending the
relevant extracted data to a database).

I have noticed that there have been changes in the format of the log between
version 9.8.X and 9.9.Y of BIND for these log messages.

I ask: 

* is there a smarter way of obtaining the details of RPZ based recursive query
  responses than parsing the log?

* is it possible to actually specify a log format (a la Apache's CustomLog directive)?

* will BIND develop a stable log format for RPZ based responses?

Thanks to ISC for the RPZ faciltity, and thanks in advance for any responses.

Regards,
--
Hugo Connery, Head of IT, DTU Environment
http://www.env.dtu.dk


More information about the bind-users mailing list