User Tools
linux:ubuntu:bindlog
Table of Contents
Bind log
Configuration
Create file “named.conf.log” in /etc/bind/
logging {
channel bind_log {
file "/var/log/bind/bind.log" versions 3 size 5m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
channel query.log {
file "/var/log/bind/query.log";
// Set the severity to dynamic to see all the debug messages.
// the debug option can be set from 1 to 3. If a level isn't specified level 1 is the default.
//severity debug 1-3 or dynamic
severity dynamic;
};
category default { bind_log; };
category update { bind_log; };
category update-security { bind_log; };
category security { bind_log; };
category queries { query.log; };
category lame-servers { null; };
};
Create logdir
mkdir /var/log/bind
Change owner
chown bind:bind /var/log/bind
Edit apparmor
vi /etc/apparmor.d/local/usr.sbin.named
Insert
/var/log/bind/query.log rw, /var/log/bind/bind.log rw, /var/log/bind/debug.log rw, /var/cache/bind/named.stats rw,
Reload apparmor config
apparmor_parser -r /etc/apparmor.d/usr.sbin.named
Restart bind
service bind9 restart
Logrotate
Create new bindlogrotate
vi /etc/logrotate.d/bind
Insert
/var/log/bind/bind.log {
su bind bind
daily
missingok
rotate 7
compress
delaycompress
notifempty
create 644 bind bind
postrotate
/usr/sbin/invoke-rc.d bind9 reload > /dev/null
endscript
}
/var/log/bind/query.log {
su bind bind
daily
missingok
rotate 7
compress
delaycompress
notifempty
create 644 bind bind
postrotate
/usr/sbin/invoke-rc.d bind9 reload > /dev/null
endscript
}
linux/ubuntu/bindlog.txt · Last modified: 2018/12/20 17:40 by lunetikk
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Discussion