Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

syslog.conf configuration w/ named

Posted on 1998-07-23
Last Modified: 2013-12-05
using slackware 2.0.3.  my /var/log/messages is always crammed full of lines from named.  lines on stats (NSTATS, XSTATS, USAGE) every hour, and everytime it cleans its cache.  how can i send msgs just from named to a dif file?  or at least, named's low priority msgs (debug, info,notice?).  
Question by:m4rc
  • 3
  • 2
  • 2
  • +1

Expert Comment

ID: 1637608
Look at the startup script... if it has "-d" or "-q" options, get rid of them... Also look at /etc/named.boot, in the "options" line maybe you'll find a "query-log" keyword. If any of these were true, kill named and restart...

Good Luck

PS:Aren't you using linuxconf, are you?

Author Comment

ID: 1637609
its started in one of my rc scripts, with no options, just /sbin/named.  and i dont have a named.boot.  and i havent used linuxconf b4.  what is it, an xwindows dot file editor?  i dont seem to have it on my system.



Expert Comment

ID: 1637610
In /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages to the /var/log/messages file.  This should eliminate all the messages from named.
Then add an additional line to syslog.conf, containing 'named.*' and the file you want the messages logged in.
You can replace the 'none' and '*' by other levels if you want more control.
Remember to send a SIGHUP to syslogd to read the config file after the changes.  Otherwise, they will take effect only after the next boot.
Since your question header line contained a reference to syslog.conf, maybe you have already tried this.  If so, could you post the results (failure, I suppose) of this test.  This could help to get your syslogd configured correctly.
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.


Expert Comment

ID: 1637611
If you don't have /etc/named.boot, then there are two possibilities: you're using bind 8 or you are receiving such messages from the network... a line containing "options query-log" is responsible to load EACH message to/from bind (named proccess)

And linuxconf in yet-another-admin-tool, the one that uses redhat 5.1, but you can use it in almost any other distribution, and it uses to set mentioned option.

Good luck

Author Comment

ID: 1637612
> n /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages
    i dont have a named.none line in particular in my syslog.conf.  id guess that the messages are being sent via one of the generic rules.  this is my syslog.conf:

# send all info and notice EXCEPT the mail info to messages
*.=info;*.=notice;mail.!=info                   /usr/adm/messages
*.=debug                                        /usr/adm/debug
*.err                                           /usr/adm/syslog
mail.*                                          /usr/adm/mail

  so i cant disable the named msgs w/o disabling all other msgs of that type.  id block it by name, but i didnt think you could use just named.* since named is not a facility, and the docs say you have to use facility.priority for rules.
  i could be wrong.

  yeah, no named.boot.  i used to i my old dist, but i think slackware updated to bind 8, cuz i dont need one anymore.  i made the named.conf myself (ish) and it doesnt have an "options query-log" line.  should it?


Expert Comment

ID: 1637613
BIND 8 works with /etc/named.conf. Have a look at the docs included with slackware (mine are in /usr/doc/BIND-8.1.2-REL/) or add the following lines:

logging {
  channel default { file <filename>; };


Author Comment

ID: 1637614
fabulous!  thats just what i needed to know.  if you make an answer, ill give u the points for it.

my new named.conf has this in it, im testing it to see if it works:

logging {
        // try to send notice and above to syslog (/var/log/messages)
        channel lug_syslog {
                syslog deamon;
                severity notice;
        // try to send everything to a named.log file
        channel lug_info {
                file "\var\log\named.log";
                severity info;
        category default { lug_syslog, lug_info };


Accepted Solution

vx earned 70 total points
ID: 1637615
Here's the answer you requested

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VMware Workstation 12 Player 16 122
Remote desktop Ubuntu from Windows 10 5 91
centos commands 6 68
CentOS 7 Linux for HP DL380 G4 32Bits 7 46
If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question