dnstap shows little logging at debug 10

Mark Andrews marka at isc.org
Tue Mar 2 01:53:08 UTC 2021 

Do you have something reading the pipe?


> On 2 Mar 2021, at 10:30, Adam Augustine <augustineas at gmail.com> wrote:
> 
> I can't seem to get any debug information out of BIND for troubleshooting a dnstap problem I am having.
> 
> I have a CentOS 8.3.2011 VM with the COPR packages installed. 
> 
> My /etc/opt/isc/scls/isc-bind/named.conf :
> options {
>         directory "/var/opt/isc/scls/isc-bind/named/data";
>         listen-on { any; };
>         listen-on-v6 { any; };
>         dnssec-validation auto;
>         dnstap {all;};
> //      dnstap-output unix "/var/opt/isc/scls/isc-bind/run/named/dnstap.sock";
>         dnstap-output unix "/var/opt/isc/scls/isc-bind/log/named/dnstap.sock";
>         dnstap-identity "dnstap01.ldschurch.org";
>         dnstap-version "bind-9.16.12";
> };
> 
> logging {    
> [SNIP]
>      channel dnstap_log {
>           file "/var/opt/isc/scls/isc-bind/log/named/dnstap" versions 3 size 20m;
>           print-time yes;
>           print-category yes;
>           print-severity yes;
>           severity debug 10;
>      };
> [SNIP]
>      category dnstap { dnstap_log; default_debug; };
> };
> 
> On startup, the /var/opt/isc/scls/isc-bind/log/named/dnstap file is created, but no information is logged:
> 
>  4 -rw-r--r--. 1 named named system_u:object_r:named_log_t:s0        54 Mar  1 16:23 dnstap
> 
> This is despite /var/log/messages having the following line:
> 
>  opening dnstap destination '/var/opt/isc/scls/isc-bind/log/named/dnstap.sock'
> 
> Which I would have expected to see logged in /var/opt/isc/scls/isc-bind/log/named/dnstap . On shutdown, this single entry is logged in /var/opt/isc/scls/isc-bind/log/named/dnstap:
> 
> 01-Mar-2021 16:23:31.597 dnstap: info: closing dnstap
> 
> There is nothing relevant in /var/log/audit/audit.log, so I don't think it is SELinux related, especially since there is successful log entry on shutdown.
> 
> I have tried changing the severity level from "info", to "debug 1", to "debug 3", and then to "debug 10", but I can't seem to get any more information out other than the single message about "closing dnstap".
> 
> Any idea what I am doing wrong?
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the bind-users mailing list