> I would like to examine the responses from named in the logs, not just
> the queries, but I cannot find a way to log them. Any suggestions on
> a: how to log the answers to queries
> b: what is wrong here
I prefer to use syslog to log things from named. Here's what I use in
my named.conf:
Note that I don't run at severity debug, but I figure you'll want to.
The category query line seems to be what you're after, but the whole
thing won't hurt.
logging {
channel "default_syslog" {
syslog local6;
severity debug;
};
category default { default_syslog; };
category general { default_syslog; };
category config { default_syslog; };
category security { default_syslog; };
category resolver { default_syslog; };
category xfer-in { default_syslog; };
category xfer-out { default_syslog; };
category notify { default_syslog; };
category client { default_syslog; };
category network { default_syslog; };
category update { default_syslog; };
category queries { default_syslog; };
category lame-servers { default_syslog; };
};
Then in /etc/syslog.conf
local6.* /var/log/named.log
If you want to keep the crap out of /var/log/messages, just append
'local6.none' to the definition for /var/log/messages.
If you're going to be running this for any length of time, you may
want to consider logrotate.
Drop this in /etc/logrotate.d/named
/var/log/named.log {
missingok
create 0644 named named
postrotate
/sbin/service named reload 2> /dev/null > /dev/null || true
endscript
}
Then restart bind and the logging you've messed with and you should be all set.
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety''
Benjamin Franklin 1775