Where are ISC docs for log file codings?

Mark Andrews marka at isc.org
Mon Mar 3 20:18:26 UTC 2025 

It is documented in the Administrators Reference Manual (ARM).  Look for the queries channel in the logging section. See Downloads on the ISC website for the ARM version appropriate for your release. 

e.g.

https://downloads.isc.org/isc/bind9/9.20.6/doc/arm/html/reference.html#namedconf-statement-logging

-- 
Mark Andrews

> On 4 Mar 2025, at 06:45, Brett Delmage via bind-users <bind-users at lists.isc.org> wrote:
> 
> On Mon, 3 Mar 2025, Michael Richardson wrote:
> 
>> Brett Delmage via bind-users <bind-users at lists.isc.org> wrote:
>>   > Specifically for me now that's the query log including the flags. But it
>>   > could be other log files too at times. I am running DNSSEC and primary,
>>   > secondary, and internal resolving servers so many logs are of interest at
>>   > different times.
>> 
>> If you are having DNSSEC problems, then you may find
>> https://dnsviz.net/d/brettdelmage.ca/dnssec/
>> 
>> useful.  BTW: I don't see anything wrong there.
>> Are you having problems with others resolving your domain, or problems with
>> another domain?
> 
> Thanks. I was actually just trying to debug acme.sh DNS-01 cert generation. Cert gen works fine with the the LE test/staging server but unreliably with the real LE server.
> 
> While debugging I realized I was not 100% certain on the flags and other fields in the query log and sought to expand my knowledge. I know the flags field corresponds to flags in the DNS protocol and dig man page, but I'm only guessing the query log's single-character representation, and some other fields.
> 
> It seems to me that it would be useful for ISC to have a page explaining the log file formats, if I have simply not found it. I searched this list's archives before posting, too.
> 
> (I think the LE server DNS-01 authentication query may not be reaching my BIND server due to some very heavy packet filtering I use. So I was debugging that using multitail on both update.log and query.log to watch the DNS action. acme.sh DNS-01 challenges have worked fine for me for years on various servers so something has changed or I am making a stupid mistake. But that's not BIND-related. Anyone know the best forum for asking an acme.sh question?)
> 
> Brett
> 
> 
> 
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250304/e7d09186/attachment.htm>

More information about the bind-users mailing list