bind Logging

To keep the configuration cleanly separated, I moved the logging configuration into a separate file and included it in named.conf.

...
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.log";

// prime the server with knowledge of the root servers
...

 

logging {
    channel bind9log {
        file "/var/log/named/bind9.log" versions 3 size 10m;
        // syslog info;
        // severity debug;
        severity dynamic;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    channel security {
        file "/var/log/named/security.log" versions 2 size 5m;
        // syslog warn;
        // severity warn;
        severity dynamic;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category resolver {bind9log;};
    category default {bind9log;};
    category queries {bind9log;};
    category client {bind9log;};
    category config {bind9log;};
    category notify {bind9log;};
    category unmatched {bind9log;};
    category dispatch {bind9log;};
    category dnssec {bind9log;};
    category database {bind9log;};
    category security {security;};
    category lame-servers {null;};
};

In addition, the directory /var/log/named specified above still has to be created:

mkdir /var/log/named
chown bind:bind /var/log/named   # named writes the log files as user bind

Then restart bind:

/etc/init.d/bind9 restart

and everything is done, as an ls shows:

DNS1:/etc/bind# ls -alh /var/log/named/
insgesamt 132K
-rw-r--r-- 1 bind bind 126K 24. Nov 16:08 bind9.log
-rw-r--r-- 1 bind bind 0   24. Nov 15:41 security.log
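With print-time, print-category and print-severity switched on as above, every line in bind9.log and security.log starts with a fixed prefix that can be parsed. The following is an added example, not part of the original post: it splits that prefix into fields and counts "denied" messages per client in the security channel. The function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Prefix written by print-time, print-category and print-severity:
#   <dd-Mon-yyyy hh:mm:ss.mmm> <category>: <severity>: <message>
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<category>[\w-]+): (?P<severity>[\w ]+?): (?P<message>.*)$"
)
# Client address; newer BIND releases print an "@0x..." object id before it.
CLIENT_RE = re.compile(r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f:.]+)#\d+")

# Constructed sample lines (documentation addresses), not from a real server.
SAMPLE = """\
24-Nov-2010 16:08:01.101 security: info: client 192.0.2.10#53124: query (cache) 'example.com/A/IN' denied
24-Nov-2010 16:08:01.350 queries: info: client 198.51.100.7#40112: query: example.org IN A +
24-Nov-2010 16:08:02.007 security: info: client 192.0.2.10#53125: query (cache) 'example.net/MX/IN' denied
24-Nov-2010 16:08:03.412 security: error: client @0x7f3a5c0 2001:db8::5#61000 (example.com): zone transfer 'example.com/AXFR/IN' denied
24-Nov-2010 16:08:04.000 resolver: debug 1: createfetch: example.org A
garbled line without the expected prefix
"""

def parse_line(line):
    """Split one log line into its fields; return None if the prefix is missing."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec.pop("ts"), "%d-%b-%Y %H:%M:%S.%f")
    return rec

def denied_by_client(lines):
    """Count 'denied' messages of category security per client address."""
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["category"] != "security":
            continue
        client = CLIENT_RE.search(rec["message"])
        if client and rec["message"].endswith("denied"):
            hits[client.group("ip")] += 1
    return hits

if __name__ == "__main__":
    for ip, count in denied_by_client(SAMPLE.splitlines()).most_common():
        print(f"{ip}\t{count}")
```

To run it against the real file, pass the open file object for /var/log/named/security.log to denied_by_client instead of SAMPLE.splitlines().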