syslog.conf configuration w/ named

Posted on 1998-07-23
Last Modified: 2013-12-05
using slackware 2.0.3.  my /var/log/messages is always crammed full of lines from named.  lines on stats (NSTATS, XSTATS, USAGE) every hour, and everytime it cleans its cache.  how can i send msgs just from named to a dif file?  or at least, named's low priority msgs (debug, info,notice?).  
Question by:m4rc
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1

Expert Comment

ID: 1637608
Look at the startup script... if it has "-d" or "-q" options, get rid of them... Also look at /etc/named.boot, in the "options" line maybe you'll find a "query-log" keyword. If any of these were true, kill named and restart...

Good Luck

PS:Aren't you using linuxconf, are you?

Author Comment

ID: 1637609
its started in one of my rc scripts, with no options, just /sbin/named.  and i dont have a named.boot.  and i havent used linuxconf b4.  what is it, an xwindows dot file editor?  i dont seem to have it on my system.



Expert Comment

ID: 1637610
In /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages to the /var/log/messages file.  This should eliminate all the messages from named.
Then add an additional line to syslog.conf, containing 'named.*' and the file you want the messages logged in.
You can replace the 'none' and '*' by other levels if you want more control.
Remember to send a SIGHUP to syslogd to read the config file after the changes.  Otherwise, they will take effect only after the next boot.
Since your question header line contained a reference to syslog.conf, maybe you have already tried this.  If so, could you post the results (failure, I suppose) of this test.  This could help to get your syslogd configured correctly.
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.


Expert Comment

ID: 1637611
If you don't have /etc/named.boot, then there are two possibilities: you're using bind 8 or you are receiving such messages from the network... a line containing "options query-log" is responsible to load EACH message to/from bind (named proccess)

And linuxconf in yet-another-admin-tool, the one that uses redhat 5.1, but you can use it in almost any other distribution, and it uses to set mentioned option.

Good luck

Author Comment

ID: 1637612
> n /etc/syslog.conf, you could add ';named.none' to the line that is  sending messages
    i dont have a named.none line in particular in my syslog.conf.  id guess that the messages are being sent via one of the generic rules.  this is my syslog.conf:

# send all info and notice EXCEPT the mail info to messages
*.=info;*.=notice;mail.!=info                   /usr/adm/messages
*.=debug                                        /usr/adm/debug
*.err                                           /usr/adm/syslog
mail.*                                          /usr/adm/mail

  so i cant disable the named msgs w/o disabling all other msgs of that type.  id block it by name, but i didnt think you could use just named.* since named is not a facility, and the docs say you have to use facility.priority for rules.
  i could be wrong.

  yeah, no named.boot.  i used to i my old dist, but i think slackware updated to bind 8, cuz i dont need one anymore.  i made the named.conf myself (ish) and it doesnt have an "options query-log" line.  should it?


Expert Comment

ID: 1637613
BIND 8 works with /etc/named.conf. Have a look at the docs included with slackware (mine are in /usr/doc/BIND-8.1.2-REL/) or add the following lines:

logging {
  channel default { file <filename>; };


Author Comment

ID: 1637614
fabulous!  thats just what i needed to know.  if you make an answer, ill give u the points for it.

my new named.conf has this in it, im testing it to see if it works:

logging {
        // try to send notice and above to syslog (/var/log/messages)
        channel lug_syslog {
                syslog deamon;
                severity notice;
        // try to send everything to a named.log file
        channel lug_info {
                file "\var\log\named.log";
                severity info;
        category default { lug_syslog, lug_info };


Accepted Solution

vx earned 70 total points
ID: 1637615
Here's the answer you requested

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
unable to put logic for reading multiple repo in a single file 4 72
lunix and unix command 21 120
Recover Lacie Edmini data. 11 65
AWS Linux EC2 question on group 7 21
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question