Bootstrap FreeKB - Bind Named DNS - Getting Starting with Logging
Bind Named DNS - Getting Starting with Logging
Updated:   |  Bind Named DNS articles

By default, /etc/named.conf should have the following logging block.

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

 

This will append events to the named.run file, which is typically located at /var/named/data/named.run. Here is a sampling of what could be in the named.run file.

managed-keys-zone: loaded serial 1395
zone 0.in-addr.arpa/IN: loaded serial 0
zone localhost.localdomain/IN: loaded serial 0
zone example.com/IN: loaded serial 2016032200
zone 0.168.192.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone software.eng.us/IN: loaded serial 2016032200
zone localhost/IN: loaded serial 0
all zones loaded
running
error (unexpected RCODE REFUSED) resolving '108.134.55.202.in-addr.arpa/PTR/IN': 203.128.246.10#53
clients-per-query increased to 15
clients-per-query decreased to 14

 

Let's store the named logs in files below /var/log/named.

mkdir /var/log/named
chown named /var/log/named
chgrp named /var/log/named

 

Then update the logging block in /etc/named.conf to have the following.

logging {
    channel default_file {
        file "/var/log/named/default.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel general_file {
        file "/var/log/named/general.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel database_file {
        file "/var/log/named/database.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel security_file {
        file "/var/log/named/security.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel config_file {
        file "/var/log/named/config.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel resolver_file {
        file "/var/log/named/resolver.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-in_file {
        file "/var/log/named/xfer-in.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-out_file {
        file "/var/log/named/xfer-out.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel notify_file {
        file "/var/log/named/notify.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel client_file {
        file "/var/log/named/client.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel unmatched_file {
        file "/var/log/named/unmatched.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel queries_file {
        file "/var/log/named/queries.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel network_file {
        file "/var/log/named/network.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel update_file {
        file "/var/log/named/update.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dispatch_file {
        file "/var/log/named/dispatch.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dnssec_file {
        file "/var/log/named/dnssec.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel lame-servers_file {
        file "/var/log/named/lame-servers.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    category default { default_file; };
    category general { general_file; };
    category database { database_file; };
    category security { security_file; };
    category config { config_file; };
    category resolver { resolver_file; };
    category xfer-in { xfer-in_file; };
    category xfer-out { xfer-out_file; };
    category notify { notify_file; };
    category client { client_file; };
    category unmatched { unmatched_file; };
    category queries { queries_file; };
    category network { network_file; };
    category update { update_file; };
    category dispatch { dispatch_file; };
    category dnssec { dnssec_file; };
    category lame-servers { lame-servers_file; };
};

 

And restart named for this change to take effect.

systemctl restart named

 

The /var/log/named/general.log should now contain something like this.

05-Aug-2021 08:06:08.796 managed-keys-zone: journal file is out of date: removing journal file
05-Aug-2021 08:06:08.796 managed-keys-zone: loaded serial 1398
05-Aug-2021 08:06:08.796 zone 0.in-addr.arpa/IN: loaded serial 0
05-Aug-2021 08:06:08.797 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
05-Aug-2021 08:06:08.798 zone software.eng.us/IN: loaded serial 2016032200
05-Aug-2021 08:06:08.799 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
05-Aug-2021 08:06:08.799 zone localhost.localdomain/IN: loaded serial 0
05-Aug-2021 08:06:08.799 zone example.com/IN: loaded serial 2016032200
05-Aug-2021 08:06:08.799 zone localhost/IN: loaded serial 0
05-Aug-2021 08:06:08.800 zone 0.168.192.in-addr.arpa/IN: loaded serial 0
05-Aug-2021 08:06:08.800 all zones loaded
05-Aug-2021 08:06:08.800 running

 

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter e9375b in the box below so that we can be sure you are a human.