Bind 9 query logging

cod3fr3ak rvc.pobox+unixlists at gmail.com
Thu Jan 29 19:33:31 UTC 2009 

I am trying to configure query logging on bind 9. Currently I have the
following in my configuration file:

logging {
        channel warning_log
                {
                file "/var/adm/dns-logs/dns_warnings.log" versions 7 size
2G;
                severity warning;
                print-category yes;
                print-severity yes;
                print-time yes;
                };
        channel query_log
                {
                file "/var/adm/dns-logs/dns_query.log" versions 7 size 2G;
                severity debug 3;
                print-category yes;
                print-severity yes;
                print-time yes;
                };
        category default { warning_log; } ;
        category queries { query_log; };
        category lame-servers { null; };
        category security { null; };
        category unmatched { null; };
  };

According to the O Reilly book DNS and Bind (4th Edition) and the Bind 9 web
docs the configuration above should log both the requested query and the
response. Currently all I get back is the query:

29-Jan-2009 14:15:00.666 queries: info: client xxx.xxx.xxx.xxx#56766: query:
49.105.135.67.in-addr.arpa IN PTR +
29-Jan-2009 14:15:00.730 queries: info: client xxx.xxx.xxx.xxx#45016: query:
m1.search.yahoo-ht3.akadns.net IN A +ED
29-Jan-2009 14:15:00.821 queries: info: client xxx.xxx.xxx.xxx#48060: query:
liveupdate.symantec.d4p.net IN A +ED
29-Jan-2009 14:15:00.882 queries: info: client xxx.xxx.xxx.xxx#62480: query:
businessweek.112.2o7.net IN A +ED
29-Jan-2009 14:15:00.891 queries: info: client xxx.xxx.xxx.xxx#22652: query:
a973.g.akamai.net IN A +ED
29-Jan-2009 14:15:00.900 queries: info: client xxx.xxx.xxx.xxx#49831: query:
stats.surfaid.ihost.com IN A +ED
29-Jan-2009 14:15:00.924 queries: info: client xxx.xxx.xxx.xxx#5606: query:
www.pic2009.org IN A +ED
29-Jan-2009 14:15:00.936 queries: info: client xxx.xxx.xxx.xxx#51641: query:
www.yopoll.com IN A +ED
29-Jan-2009 14:15:00.946 queries: info: client xxx.xxx.xxx.xxx#6002: query:
174.162.127.222.in-addr.arpa IN PTR +ED

Even when I start bind using the -d option I do not get what I want.

Can someone help me out.

C
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090129/fac5033a/attachment.html>

More information about the bind-users mailing list