Getting RPZ statistics
Vernon Schryver
vjs at rhyolite.com
Fri Dec 7 22:37:26 UTC 2012
> From: "Howard, Christopher Bryan" <Christopher-Howard at utc.edu>
> I recently (as of 2 days ago) enabled RPZ on all of my name servers. I cur=
> rently use "rndc stats", perl, and SNMP to make certain global stats availa=
> ble to our network monitoring system to make charts (number of queries acro=
> ss all views and such). I'd like to do the same for just the RPZ zone so I=
> can get an idea of how many queries are getting handled by RPZ itself.
In a useless sense probably not intended, the number of queries
handled by RPZ is the same as the number of queries handled by
the normal zones in the views with "response-policy{}" statements,
because all queries are tested against the policy zones.
The short answer to the likely intended question is that there are
no RPZ specific statistics. One might want the number of responses
rewritten according to each policy zone, but those statistics don't
exist. I agree that the idea is worth thinking about.
Recent versions of the BIND9 RPZ code has improved logging. On DNS
servers that are not too busy, it might be possible to synthesize
useful RPZ statistics with awk/perl/whatever applied to the RPZ log
category.
Vernon Schryver vjs at rhyolite.com
More information about the bind-users
mailing list