• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 482
  • Last Modified:

syslog.conf configuration w/ named

using slackware 2.0.3.  my /var/log/messages is always crammed full of lines from named.  lines on stats (NSTATS, XSTATS, USAGE) every hour, and everytime it cleans its cache.  how can i send msgs just from named to a dif file?  or at least, named's low priority msgs (debug, info,notice?).  
0
m4rc
Asked:
m4rc
  • 3
  • 2
  • 2
  • +1
1 Solution
 
marcelofrCommented:
Look at the startup script... if it has "-d" or "-q" options, get rid of them... Also look at /etc/named.boot, in the "options" line maybe you'll find a "query-log" keyword. If any of these were true, kill named and restart...

Good Luck

PS:Aren't you using linuxconf, are you?
0
 
m4rcAuthor Commented:
its started in one of my rc scripts, with no options, just /sbin/named.  and i dont have a named.boot.  and i havent used linuxconf b4.  what is it, an xwindows dot file editor?  i dont seem to have it on my system.

marc

0
 
bertvermeerbergenCommented:
In /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages to the /var/log/messages file.  This should eliminate all the messages from named.
Then add an additional line to syslog.conf, containing 'named.*' and the file you want the messages logged in.
You can replace the 'none' and '*' by other levels if you want more control.
Remember to send a SIGHUP to syslogd to read the config file after the changes.  Otherwise, they will take effect only after the next boot.
Since your question header line contained a reference to syslog.conf, maybe you have already tried this.  If so, could you post the results (failure, I suppose) of this test.  This could help to get your syslogd configured correctly.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
marcelofrCommented:
If you don't have /etc/named.boot, then there are two possibilities: you're using bind 8 or you are receiving such messages from the network... a line containing "options query-log" is responsible to load EACH message to/from bind (named proccess)

And linuxconf in yet-another-admin-tool, the one that uses redhat 5.1, but you can use it in almost any other distribution, and it uses to set mentioned option.

Good luck
0
 
m4rcAuthor Commented:
> n /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages
 
    i dont have a named.none line in particular in my syslog.conf.  id guess that the messages are being sent via one of the generic rules.  this is my syslog.conf:

# send all info and notice EXCEPT the mail info to messages
*.=info;*.=notice;mail.!=info                   /usr/adm/messages
*.=debug                                        /usr/adm/debug
*.err                                           /usr/adm/syslog
mail.*                                          /usr/adm/mail

  so i cant disable the named msgs w/o disabling all other msgs of that type.  id block it by name, but i didnt think you could use just named.* since named is not a facility, and the docs say you have to use facility.priority for rules.
  i could be wrong.

  yeah, no named.boot.  i used to i my old dist, but i think slackware updated to bind 8, cuz i dont need one anymore.  i made the named.conf myself (ish) and it doesnt have an "options query-log" line.  should it?


0
 
vxCommented:
BIND 8 works with /etc/named.conf. Have a look at the docs included with slackware (mine are in /usr/doc/BIND-8.1.2-REL/) or add the following lines:

logging {
  channel default { file <filename>; };
};

Regards
Ties
0
 
m4rcAuthor Commented:
fabulous!  thats just what i needed to know.  if you make an answer, ill give u the points for it.

my new named.conf has this in it, im testing it to see if it works:

logging {
        // try to send notice and above to syslog (/var/log/messages)
        channel lug_syslog {
                syslog deamon;
                severity notice;
        };
        // try to send everything to a named.log file
        channel lug_info {
                file "\var\log\named.log";
                severity info;
        };
        category default { lug_syslog, lug_info };
};

0
 
vxCommented:
Here's the answer you requested
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now