RPZ logging
Blason R
blason16 at gmail.com
Sun Apr 29 06:36:22 UTC 2018
Yep; thanks that worked!!
On Sun, Apr 29, 2018 at 10:38 AM, Blason R <blason16 at gmail.com> wrote:
> hmm..ok let me try. Since I am also wrting parsers in logstash wondering
> what exactly would be the log setting I need to pick up.
>
> On Sun, Apr 29, 2018 at 9:12 AM, Bob Harold <rharolde at umich.edu> wrote:
>
>>
>> On Sat, Apr 28, 2018 at 11:29 PM, Blason R <blason16 at gmail.com> wrote:
>>
>>> Hi Folks,
>>>
>>> I have been struggligng with exact RPZ/Bind option/statement which
>>> enables the logging for RPZ and shows if the query matches RPZ zone.
>>>
>>> Can someone please help me?
>>>
>>>
>> I think the required rpz logging related lines in my named.conf are:
>>
>> logging {
>>
>> channel "rpz_file" {
>> file "/var/log/named/rpz.log" versions 10 size 104857600;
>> severity dynamic;
>> print-time yes;
>> print-severity yes;
>> print-category yes;
>> };
>>
>> category "rpz" {
>> "rpz_file";
>> };
>> };
>>
>> You might want less versions and/or a smaller size - my values allow rpz
>> logs to fill 1gb of disk.
>>
>> --
>> Bob Harold
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180429/6f3d82ee/attachment.html>
More information about the bind-users
mailing list