Ubuntu - Bind - Logging
The two main logging options are channel and category, which configure where logs go and what information gets logged, respectively.
If no logging options are configured, the default configuration is:
logging {
    category default { default_syslog; default_debug; };
    category unmatched { null; };
};
Configure BIND9 to send debug messages related to DNS queries to a separate file
We need to configure a channel to specify which file to send the messages to, and a category.
In this example, the category will log all queries.
Edit /etc/bind/named.conf.local and add the following:
- /etc/bind/named.conf.local
logging {
    channel query.log {
        file "/var/log/named/query.log";
        severity debug 3;
    };
    category queries { query.log; };
};
NOTE: The debug option can be set from 1 to 3.
If a level isn’t specified, level 1 is the default.
Since the named daemon runs as the bind user, the /var/log/named directory must be created and the ownership changed:
sudo mkdir /var/log/named
sudo chown bind:bind /var/log/named
Restart BIND9 for the changes to take effect:
sudo systemctl restart bind9.service
You should see the file /var/log/named/query.log fill with query information.
This is a simple example of the BIND9 logging options.
For coverage of advanced options see More Information.
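Once /var/log/named/query.log is filling, its records can be summarised per client. The Python sketch below is an added example, not part of the original page; the sample lines are constructed in the shape BIND 9 commonly writes for the queries category (the exact fields vary by version), and the 40-character label threshold is an arbitrary assumption.

```python
import re
from collections import Counter

# Constructed sample records (documentation address ranges); the channel above
# does not enable print-time, so lines are assumed to carry no timestamp.
SAMPLE_LOG = """\
client @0x7f1c2c0a1b20 192.0.2.10#53124 (www.example.com): query: www.example.com IN A +E(0)K (192.0.2.53)
client @0x7f1c2c0a1b20 192.0.2.10#41011 (mail.example.com): query: mail.example.com IN MX + (192.0.2.53)
client 192.0.2.77#40222 (example.org): query: example.org IN AAAA +E(0) (192.0.2.53)
client @0x7f1c2c0b4410 198.51.100.5#60001 (a9f3k2l0q8x7c6v5b4n3m2z1p0o9i8u7y6t5r4e3w2q1a0s9d8f7.t.example.net): query: a9f3k2l0q8x7c6v5b4n3m2z1p0o9i8u7y6t5r4e3w2q1a0s9d8f7.t.example.net IN TXT + (192.0.2.53)
named: this line is not a query record
"""

# The "@0x..." client object id and the "view NAME:" field are optional.
LINE_RE = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<ip>[0-9a-fA-F.:]+)#(?P<port>\d+) "
    r"\((?P<orig>[^)]*)\): (?:view \S+: )?query: "
    r"(?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+) (?P<flags>\S+)"
)

def parse_line(line):
    """Return a dict for one query record, or None if the line is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["port"] = int(rec["port"])
    rec["qname"] = rec["qname"].rstrip(".").lower()
    return rec

def summarize(text, max_label=40):
    """Count queries per client and collect names with an unusually long label."""
    per_client, long_names, skipped = Counter(), [], 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # keep a count so format drift is noticed
            continue
        per_client[rec["ip"]] += 1
        if any(len(label) > max_label for label in rec["qname"].split(".")):
            long_names.append((rec["ip"], rec["qtype"], rec["qname"]))
    return per_client, long_names, skipped

if __name__ == "__main__":
    clients, long_names, skipped = summarize(SAMPLE_LOG)
    print("queries per client:", clients.most_common())
    print("long-label names:", long_names, "| unparsed lines:", skipped)
```

To run it against the real log, pass the contents of /var/log/named/query.log to summarize() in place of SAMPLE_LOG.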