Who is using my Nameserver
McNair, Dan
DMcNair at dgexchange.dg.com
Thu Aug 31 13:53:15 UTC 2000
For what you want, logging to the syslog facility may not be the best way to go. It will just create a lot of clutter in your syslog files. If you are using BIND 8, then instead of fooling with syslog you should be able to use:
logging {
channel my_queries_file {
file "/var/run/log.queries" versions 3 size 100k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category queries { my_queries_file; };
};
(in named.conf)
In my named.conf this had to go before the options statement, but I do not know if that is true for all ports of BIND.
Then force the server to reload named.conf. Make sure /var/run exists and is writeable by named, or use some other absolute path of your choice. The queries are logged at level "info" so you should not have to turn on debugging.
You should see queries logged to the file /var/run/log.queries.
See _DNS_and _BIND_ chapter 8 for more details.
--Dan
-----Original Message-----
From: Kurt_Shaffer at steris.com [mailto:Kurt_Shaffer at steris.com]
Sent: Thursday, August 31, 2000 9:26 AM
To: 'bind-users at isc.org'
Subject: Re: Who is using my Nameserver
I have logging turned on but don't see any entries in the log file.
Can someone give me an example of the syslog.conf entry which causes
these messages to be logged?
In the Bind book they said to make sure that LOG_INFO messages are
being logged for the facility daemon.
Thankx.
______________________________ Reply Separator _________________________________
Subject: Who is using my Nameserver
Author: "Hofer; Elmar (ZKD)" <Hofer at zkd.bwl.de> at Internet
Date: 8/31/00 9:10 AM
Hi folks,
I want to find out who is acessing my Nameserver and what querries are sent
to my Nameserver.
Is there a program for such a task ? I want to run it for one day, so that I
can look what querries
my nameserver had to handle.
I hope someone can help me out with this problem.
More information about the bind-users
mailing list