I want to know who is requesting what on my bind9 server.
Time to cull out those logs from /var/log/syslog .
$ vi /etc/bind/named.conf
just before named.conf.local , put in this line:
include "/etc/bind/named.conf.log";
$ vi /etc/bind/named.conf.log
logging {
channel bind_log {
file "/var/log/bind/bind.log" versions 3 size 5m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { bind_log; };
category update { bind_log; };
category update-security { bind_log; };
category security { bind_log; };
category queries { bind_log; };
category lame-servers { null; };
};
see that directory? create it and perm it
$ mkdir /var/log/bind ; chown bind:bind /var/log/bind
your logs will be large with all that debug stuff. rotate them!
$ vi /etc/logrotate.d/bind
/var/log/bind/bind.log {
daily
missingok
rotate 7
compress
delaycompress
notifempty
create 644 bind bind
postrotate
/usr/sbin/invoke-rc.d bind9 reload > /dev/null
endscript
}
$ /etc/init.d/bind9 restart
excitement.
Tuesday, January 23, 2018
bind9 logs be freed of syslog
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment