[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 239
  • Last Modified:

How to make bind(named) to log down all the DNS usages?

 I want my DNS server to log down all the usages of my network, By default, named only log down itself's boot and shutdown messages. I think in the configfile:/etc/named.conf should be some items can make it work, but I can't find it. Please Let me know!

Thanks Please.
0
auther_bin
Asked:
auther_bin
  • 5
  • 4
1 Solution
 
mrn060900Commented:
I'm not sure I fully understand your question, but take a look at http://www.ph.ed.ac.uk/~richards/linuxdocs/lasg-www/logging/ it may answer your question.

Regards Mike
www.unixonline.co.uk
0
 
ahoffmannCommented:
bind 9.x has the -d option
0
 
auther_binAuthor Commented:
Oh dear ahoffmann whould you like to see more details about the "-d" option?
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
ahoffmannCommented:
what's the problem with:  man named  ?
...

     -d      set the daemon's debug level to debuglevel. Debugging traces from
             named become more verbose as the debug level increases.
...
?-)
0
 
ahoffmannCommented:
.. also see the THE LOGGING STATEMENT in  man named.conf
0
 
auther_binAuthor Commented:
I think you do not clearly know what I means, I am not want to log down debug messges, But to let named to logdown all the usage of DNS service. Just like:
 If user A quest to the server about domain name "yahoo.com" and then server answered "xxx.xxx.xxx.xxx" and, at the same time, process "named" writing to the logfile (/var/log/messages) about this request and answer. Maybe looked like:

Jun 5 12:11:31 user A ask www.yahoo.com.......
0
 
ahoffmannCommented:
I agree that -d is not what want, but see my last comment just a minute later ;-)
The logging should do what you want.
0
 
auther_binAuthor Commented:
I tried like this in /etc/named.conf file

logging {
        channel default_syslog {
                file "/var/log/messages";
                syslog daemon;        # send to syslog's daemon facility
                severity info;        # only send priority info and higher
        };
        category default { default_syslog; default_debug; };
        category panic { default_syslog; };
};

bue Can't logdown all the request. Am I right? or the require messages not in category: default_syslog?



0
 
ahoffmannCommented:
bind 9.x is very complex. I also get not fully used to it, so can't give more detailed answes, sorry.
0
 
auther_binAuthor Commented:
It's so easy! I know now the last anwser should be:

add these in the named.conf file
----------------------------------------------------------logging {
        channel my_syslog {
                syslog daemon;
                severity info;
        };
        category queries { my_syslog; };
};
----------------------------------------------------------

Thanks ahoffmann !
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now