how to log to a remote logging server (syslog-ng) from a chroot'ed BIND9?
Willem Kossen
w.kossen at quicknet.nl
Mon Jul 26 08:17:54 UTC 2004
>----- Original Message -----
>From: "OpenMacNews" <bind-users.20.openmacnews at spamgourmet.com>
>To: "bind-users" <bind-users at isc.org>
>Sent: Monday, 26 July, 2004 9:28 AM
>Subject: how to log to a remote logging server (syslog-ng) from a chroot'ed
BIND9?
>
>hi all,
>
>i've BIND9 installed in a chroot jail on MacOSX 10.3.4.
>
>'til now, i've been logging to files in the (chroot)/var/log dir.
>
>i've set up a central/remote logging server (syslog-ng), and would like to
capture/send the >chroot'ed BIND9's logs to the remote server ...
>
>in considering this scenario, tho, i've managed to cget a bit condused ....
so, a couple of questions:
>
> (1) the logging statement in named.conf clearly has the option to
capture to a "syslog daemon" >channel ...
>but how do i capture to a NON-syslog (i.e., in this case, 'syslog-ng's
daemon) daemon?
>
> (2) do i need to capture first to a local syslog-ng daemon instance,
then send/x-fer to a remote, >or can BIND9 be set up to speak 'directly' to
the remote server?
>
> (3) am i completely defeating the security of the chroot jail by sending
logs _outside_?
>
>any pointers, suggestions, etc -- or better yet a relevant howto URL --
would be very much >appreciated!
>
>thx,
>
>richard
>>
it is quite simple to have logging go to another server using standard
syslog:
in your /etc/syslog.conf add a line like
*.* @xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx is the ipaddress of the remote logging server. this
will send ALL logging accepted by syslog to the remote server
of course you can experiment with selections like *.warn *.error etc. see
man syslog.conf
good luck
Willem Kossen
More information about the bind-users
mailing list