dnstap shows little logging at debug 10
Adam Augustine
augustineas at gmail.com
Mon Mar 1 23:30:56 UTC 2021
I can't seem to get any debug information out of BIND for troubleshooting
a dnstap problem I am having.
I have a CentOS 8.3.2011 VM with the COPR packages installed.
My /etc/opt/isc/scls/isc-bind/named.conf :
options {
directory "/var/opt/isc/scls/isc-bind/named/data";
listen-on { any; };
listen-on-v6 { any; };
dnssec-validation auto;
dnstap {all;};
// dnstap-output unix
"/var/opt/isc/scls/isc-bind/run/named/dnstap.sock";
dnstap-output unix
"/var/opt/isc/scls/isc-bind/log/named/dnstap.sock";
dnstap-identity "dnstap01.ldschurch.org";
dnstap-version "bind-9.16.12";
};
logging {
[SNIP]
channel dnstap_log {
file "/var/opt/isc/scls/isc-bind/log/named/dnstap" versions 3
size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity debug 10;
};
[SNIP]
category dnstap { dnstap_log; default_debug; };
};
On startup, the /var/opt/isc/scls/isc-bind/log/named/dnstap file is
created, but no information is logged:
4 -rw-r--r--. 1 named named system_u:object_r:named_log_t:s0 54 Mar
1 16:23 dnstap
This is despite /var/log/messages having the following line:
opening dnstap destination
'/var/opt/isc/scls/isc-bind/log/named/dnstap.sock'
Which I would have expected to see logged in
/var/opt/isc/scls/isc-bind/log/named/dnstap . On shutdown, this single
entry is logged in /var/opt/isc/scls/isc-bind/log/named/dnstap:
01-Mar-2021 16:23:31.597 dnstap: info: closing dnstap
There is nothing relevant in /var/log/audit/audit.log, so I don't think it
is SELinux related, especially since there is successful log entry on
shutdown.
I have tried changing the severity level from "info", to "debug 1", to
"debug 3", and then to "debug 10", but I can't seem to get any more
information out other than the single message about "closing dnstap".
Any idea what I am doing wrong?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210301/b13ae959/attachment.htm>
More information about the bind-users
mailing list