Bind 9 query logging
cod3fr3ak
rvc.pobox+unixlists at gmail.com
Thu Jan 29 19:33:31 UTC 2009
I am trying to configure query logging on bind 9. Currently I have the
following in my configuration file:
logging {
channel warning_log
{
file "/var/adm/dns-logs/dns_warnings.log" versions 7 size
2G;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel query_log
{
file "/var/adm/dns-logs/dns_query.log" versions 7 size 2G;
severity debug 3;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning_log; } ;
category queries { query_log; };
category lame-servers { null; };
category security { null; };
category unmatched { null; };
};
According to the O Reilly book DNS and Bind (4th Edition) and the Bind 9 web
docs the configuration above should log both the requested query and the
response. Currently all I get back is the query:
29-Jan-2009 14:15:00.666 queries: info: client xxx.xxx.xxx.xxx#56766: query:
49.105.135.67.in-addr.arpa IN PTR +
29-Jan-2009 14:15:00.730 queries: info: client xxx.xxx.xxx.xxx#45016: query:
m1.search.yahoo-ht3.akadns.net IN A +ED
29-Jan-2009 14:15:00.821 queries: info: client xxx.xxx.xxx.xxx#48060: query:
liveupdate.symantec.d4p.net IN A +ED
29-Jan-2009 14:15:00.882 queries: info: client xxx.xxx.xxx.xxx#62480: query:
businessweek.112.2o7.net IN A +ED
29-Jan-2009 14:15:00.891 queries: info: client xxx.xxx.xxx.xxx#22652: query:
a973.g.akamai.net IN A +ED
29-Jan-2009 14:15:00.900 queries: info: client xxx.xxx.xxx.xxx#49831: query:
stats.surfaid.ihost.com IN A +ED
29-Jan-2009 14:15:00.924 queries: info: client xxx.xxx.xxx.xxx#5606: query:
www.pic2009.org IN A +ED
29-Jan-2009 14:15:00.936 queries: info: client xxx.xxx.xxx.xxx#51641: query:
www.yopoll.com IN A +ED
29-Jan-2009 14:15:00.946 queries: info: client xxx.xxx.xxx.xxx#6002: query:
174.162.127.222.in-addr.arpa IN PTR +ED
Even when I start bind using the -d option I do not get what I want.
Can someone help me out.
C
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090129/fac5033a/attachment.html>
More information about the bind-users
mailing list