Syslog with BIND on CentOS
pemensik at redhat.com
Fri May 21 10:44:36 UTC 2021
I think it should be possible to use chroot and have there custom socket
mapped directly to rsyslog.
bind-chroot should be available in CentOS, try running
named-chroot.service instead of named.service.
I have not tried it on real installation, but I guess it should be
easiest way to use arbitrary socket different than common one.
On 5/20/21 11:34 PM, John Thurston wrote:
> Many years ago, when we ran ISC BIND on Solaris, we created a logging
> channel to send the logged-queries to the local syslogd. We then had our
> local syslogd forward most of the traffic on to a central syslog server.
> I just tried to re-implement something like that on CentOS, and thought
> I had it working . . until it was exposed to full production traffic
> load. The output to our central syslog server was truncated, and my
> local system log was filled with messages saying jourald was activating
> ratelimiting. !?
> My subsequent read of the docs indicates that BIND on CentOS 7, while
> being told it is sending to 'syslogd', is sending to 'journald' which is
> handling all the messages and forwarding them on to 'syslogd'. I don't
> want journald handling my thousands of messages per second from BIND. I
> don't want that information in my journal logs. I just want it out in
> the central syslog server.
> Is there some direct way to get the logging channel of BIND pointed
> directly into the local syslogd? (which would then apply its forwarding
> rules to get traffic to the central syslog server)
> I thought about trying to rip jourald out entirely, and quickly decided
> that was a path to madness.
> The only thing I can come up with is to activate dnstap, and have some
> other process absorbing the data and spewing it directly to the central
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: OpenPGP digital signature
More information about the bind-users