filtering queries: info: logs

Dave Stewart dstewart at aquaflo.com
Tue May 31 21:50:00 UTC 2005


Hi all!

Just a quick question to which I haven't been able to find the answer I 
want: is there a way to have a BIND 8.2 server log all queries through 
it but NOT log queries from the localhost?

I have a log that's chock full of stuff like this:

25-May-2005 10:19:14.579 queries: info: XX+/192.168.12.15/mail.aquaflo.com/AAAA/IN
25-May-2005 10:19:28.611 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:19:56.619 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:20:24.627 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:20:52.635 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:21:16.320 queries: info: XX+/127.0.0.1/rusty1.aquaflo.com/A/IN
25-May-2005 10:21:16.324 queries: info: XX+/127.0.0.1/rusty1/A/IN
25-May-2005 10:21:20.642 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:21:48.651 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:22:16.659 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:22:44.667 queries: info: XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:22:51.567 queries: info: XX+/192.168.12.16/bigiron.aquaflo.com/A/IN

I want the first and last of these entries (not from localhost), but I 
don't want all the stuff in the middle. Is there a way to set up BIND 
8.2.2 to get those results (running on an old IBM E20 under AIX 5.1)? 
My initial reaction was to turn down the severity of the logging, but 
then I noted that all these entries were "info" severity (so dropping 
the ones I don't want also costs me the ones that I do want).


Dave Stewart
Aqua~Flo Supply (Goleta CA)
dstewart at aquaflo dot com

Law of Probability Dispersal:
	Whatever it is that hits the fan
	will not be evenly distributed.
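
Added example, not part of the original post: since every entry above has the same "info" severity, this sketch filters on the client address field instead, post-processing the log outside of named. The function names are hypothetical and the flags/client/name/type/class layout is an assumption read off the sample lines in the post.

```python
import ipaddress
import re

# Lines copied from the post, wrapped the way the list archive shows them.
SAMPLE_LOG = """\
25-May-2005 10:19:14.579 queries: info:
XX+/192.168.12.15/mail.aquaflo.com/AAAA/IN
25-May-2005 10:19:28.611 queries: info:
XX+/127.0.0.1/rusty.aquaflo.com/A/IN
25-May-2005 10:21:16.324 queries: info: XX+/127.0.0.1/rusty1/A/IN
25-May-2005 10:22:51.567 queries: info:
XX+/192.168.12.16/bigiron.aquaflo.com/A/IN
"""
STAMP = re.compile(r"^\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3} ")
RECORD = re.compile(r"^(?P<ts>\S+ \S+) queries: info: (?P<rest>\S+)$")

def unwrap(lines):
    """Re-join records split after 'info:' (assumes the break is at a space)."""
    record = None
    for line in map(str.strip, lines):
        if STAMP.match(line):
            if record:
                yield record
            record = line
        elif line and record:
            record += " " + line
    if record:
        yield record

def client_of(record):
    """Return the client field of a query record, or None if it does not parse."""
    m = RECORD.match(record)
    fields = m.group("rest").split("/") if m else []
    # Layout assumed from the post: flags/client/name/type/class
    return fields[1] if len(fields) >= 5 else None

def is_loopback(client):
    try:
        return ipaddress.ip_address(client).is_loopback  # all of 127.0.0.0/8 and ::1
    except ValueError:
        return False  # not an address: keep the record rather than lose it

def non_local_queries(text):
    """Drop query records from loopback clients; keep every other stamped record."""
    return [r for r in unwrap(text.splitlines())
            if (c := client_of(r)) is None or not is_loopback(c)]

if __name__ == "__main__":
    print("\n".join(non_local_queries(SAMPLE_LOG)))
```

Stamped lines that are not query records are kept unchanged, so the filter only ever removes entries it has positively identified as loopback queries.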


