syslog.conf configuration w/ named

Posted on 1998-07-23
Last Modified: 2013-12-05
using slackware 2.0.3.  my /var/log/messages is always crammed full of lines from named.  lines on stats (NSTATS, XSTATS, USAGE) every hour, and everytime it cleans its cache.  how can i send msgs just from named to a dif file?  or at least, named's low priority msgs (debug, info,notice?).  
Question by:m4rc
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1

Expert Comment

ID: 1637608
Look at the startup script... if it has "-d" or "-q" options, get rid of them... Also look at /etc/named.boot, in the "options" line maybe you'll find a "query-log" keyword. If any of these were true, kill named and restart...

Good Luck

PS:Aren't you using linuxconf, are you?

Author Comment

ID: 1637609
its started in one of my rc scripts, with no options, just /sbin/named.  and i dont have a named.boot.  and i havent used linuxconf b4.  what is it, an xwindows dot file editor?  i dont seem to have it on my system.



Expert Comment

ID: 1637610
In /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages to the /var/log/messages file.  This should eliminate all the messages from named.
Then add an additional line to syslog.conf, containing 'named.*' and the file you want the messages logged in.
You can replace the 'none' and '*' by other levels if you want more control.
Remember to send a SIGHUP to syslogd to read the config file after the changes.  Otherwise, they will take effect only after the next boot.
Since your question header line contained a reference to syslog.conf, maybe you have already tried this.  If so, could you post the results (failure, I suppose) of this test.  This could help to get your syslogd configured correctly.
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.


Expert Comment

ID: 1637611
If you don't have /etc/named.boot, then there are two possibilities: you're using bind 8 or you are receiving such messages from the network... a line containing "options query-log" is responsible to load EACH message to/from bind (named proccess)

And linuxconf in yet-another-admin-tool, the one that uses redhat 5.1, but you can use it in almost any other distribution, and it uses to set mentioned option.

Good luck

Author Comment

ID: 1637612
> n /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages
    i dont have a named.none line in particular in my syslog.conf.  id guess that the messages are being sent via one of the generic rules.  this is my syslog.conf:

# send all info and notice EXCEPT the mail info to messages
*.=info;*.=notice;mail.!=info                   /usr/adm/messages
*.=debug                                        /usr/adm/debug
*.err                                           /usr/adm/syslog
mail.*                                          /usr/adm/mail

  so i cant disable the named msgs w/o disabling all other msgs of that type.  id block it by name, but i didnt think you could use just named.* since named is not a facility, and the docs say you have to use facility.priority for rules.
  i could be wrong.

  yeah, no named.boot.  i used to i my old dist, but i think slackware updated to bind 8, cuz i dont need one anymore.  i made the named.conf myself (ish) and it doesnt have an "options query-log" line.  should it?


Expert Comment

ID: 1637613
BIND 8 works with /etc/named.conf. Have a look at the docs included with slackware (mine are in /usr/doc/BIND-8.1.2-REL/) or add the following lines:

logging {
  channel default { file <filename>; };


Author Comment

ID: 1637614
fabulous!  thats just what i needed to know.  if you make an answer, ill give u the points for it.

my new named.conf has this in it, im testing it to see if it works:

logging {
        // try to send notice and above to syslog (/var/log/messages)
        channel lug_syslog {
                syslog deamon;
                severity notice;
        // try to send everything to a named.log file
        channel lug_info {
                file "\var\log\named.log";
                severity info;
        category default { lug_syslog, lug_info };


Accepted Solution

vx earned 70 total points
ID: 1637615
Here's the answer you requested

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question