Bind Queries log file format
Paul Roberts
paul at callevanetworks.com
Thu Feb 2 19:24:32 UTC 2017
I agree, there are an awful lot of systems and SIEM products that process querylogs. This one change will require a huge amount of re-engineering work in customer environments.
Paul
-----Original Message-----
From: bind-users [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Steven Carr
Sent: 25 January 2017 12:44
To: bind-users <bind-users at lists.isc.org>
Subject: Re: Bind Queries log file format
On 25 January 2017 at 10:59, Tony Finch <dot at dotat.at> wrote:
> It's the address in memory of the data structure representing the client.
> It is mentioned in the CHANGES file (#4471) and in the release notes -
> see
> https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=c
> 4b7db49326be650fa95a7ede6e066bbe1268561
>
> though the pointer field first turned up in
> https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=a
> 26a62cef2adba0520c5955d740fc75fa7f2c7f5
Question back to the BIND team... why? what is the purpose of having this value exposed in query logs? what exactly is it adding? If it was a debug log then I can understand the need to have the memory address exposed, but for the "regular" user what is the use case?
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list