Differences

This shows you the differences between two versions of the page.

--- ubuntu:bind:logging [2020/12/09 18:13] – [Ubuntu - Bind - Logging] peter
+++ ubuntu:bind:logging [2020/12/09 18:33] (current) – [Syslog Channel] peter
@@ Line 13: / Line 13: @@
 <WRAP info>
-**NOTE:**  BIND 9 categories are:
+**NOTE:**  BIND 9 Channels:
+A channel may be defined to go to:
+  * **file**  The file pathname must be specified. Optionally, you can specify how many versions of the file can exist at one time and how big the file may grow.
+  * **syslog**  places logging into syslog.
+  * **null**  For messages you want to throw away.
+</WRAP>
+<WRAP info>
+**NOTE:**   categories are:
   * **default**  BIND 9's default category matches all categories not specifically assigned to channels.
-    * BIND 9's default category doesn't match BIND's messages that aren't categorized. Those are part of the category listed next.
+    * BIND 9's **default** category doesn't match BIND's messages that aren't categorized. Those are part of the category listed next.
   * **general**  The general category contains all of the BIND messages that aren't explicitly classified.
   * **client**  Processing client requests.
@@ Line 36: / Line 47: @@
 ----
-===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====
+===== File Channel =====
-We need to configure a **channel** to specify which file to send the messages to, and a **category**.
+<code>
+logging{
+  channel my_file {
+    file "log.msgs" versions 3 size 10k;
+    severity dynamic;
+  };
+};
+</code>
-In this example, the category will log all queries.
+----
-Edit /etc/bind/named.conf.local and add the following:
+===== Syslog Channel =====
-<file bash /etc/bind/named.conf.local>
+<code>
 logging {
-    channel query.log {
+  channel my_syslog {
-        file "/var/log/named/query.log";
+    syslog local0; // send to syslog's local0 facility.
-        severity debug 3;
+    severity info; // only send severity info and higher
-    };
+  };
-    category queries { query.log; };
 };
-</file>
+</code>
+<WRAP info>
+**NOTE:**  The **facility** can be specified to be any of the following: kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, or local7.
+The default is **daemon**, and this is the recommended option to be used.
+</WRAP>
 <WRAP info>
-**NOTE:**  Channels allow you to filter by message severity. Here is the list of severities:
+**NOTE:**  Channels allow you to filter by message severity. Here is the list of **severities**:
   * critical
@@ Line 65: / Line 89: @@
   * dynamic
 </WRAP>
+----
+===== Configure BIND9 to send debug messages related to DNS queries to a separate file =====
+We need to configure a **channel** to specify which file to send the messages to, and a **category**.
+In this example, the category will log all queries.
+Edit /etc/bind/named.conf.local and add the following:
+<file bash /etc/bind/named.conf.local>
+logging {
+    channel query.log {
+        file "/var/log/named/query.log";
+        severity debug 3;
+    };
+    category queries { query.log; };
+};
+</file>
 Since the named daemon runs as the bind user the **/var/log/named** directory must be created and the ownership changed: