===== Bind log =====

==== Configuration ====

Create file "named.conf.log" in /etc/bind/

<code>logging {
  channel bind_log {
    file "/var/log/bind/bind.log" versions 3 size 5m;
    severity info;
    print-category yes;
    print-severity yes;
    print-time yes;
  };

    channel query.log {
        file "/var/log/bind/query.log";
        // Set the severity to dynamic to see all the debug messages.
        // the debug option can be set from 1 to 3. If a level isn't specified level 1 is the default.
        //severity debug 1-3 or dynamic
        severity dynamic;
    };
  category default { bind_log; };
  category update { bind_log; };
  category update-security { bind_log; };
  category security { bind_log; };
  category queries { query.log; };
  category lame-servers { null; };
};
</code>

Create logdir
<code>mkdir /var/log/bind</code>

Change owner
<code>chown bind:bind /var/log/bind</code>

Edit apparmor 
<code>vi /etc/apparmor.d/local/usr.sbin.named</code>

Insert
<code>
/var/log/bind/query.log rw,
/var/log/bind/bind.log rw,
/var/log/bind/debug.log rw,
/var/cache/bind/named.stats rw,
</code>

Reload apparmor config
<code>apparmor_parser -r /etc/apparmor.d/usr.sbin.named</code>

Restart bind
<code>service bind9 restart</code>

==== Logrotate ====

Create new bindlogrotate
<code>vi /etc/logrotate.d/bind</code>

Insert
<code>
/var/log/bind/bind.log {
  su bind bind
  daily
  missingok
  rotate 7
  compress
  delaycompress
  notifempty
  create 644 bind bind
  postrotate
    /usr/sbin/invoke-rc.d bind9 reload > /dev/null
  endscript
}

/var/log/bind/query.log {
  su bind bind
  daily
  missingok
  rotate 7
  compress
  delaycompress
  notifempty
  create 644 bind bind
  postrotate
    /usr/sbin/invoke-rc.d bind9 reload > /dev/null
  endscript
}
</code>




\\
\\
~~DISCUSSION:closed~~