2012-06-22 42 views
31

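I am trying to find the perfect logging clause for named.conf that will help me enable full-level logging for the named service. Can someone give an example here? My current clause is given below, but it produces very few logs. How do I enable full logging for named/BIND/DNS?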

logging { 
    channel querylog{ 
      file "/var/log/querylog"; 
      severity debug 10; 
      print-category yes; 
      print-time yes; 
      print-severity yes; 
      }; 
    category queries { querylog;}; 
}; 

Answers

66

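I usually expand each log out into its own channel and then into a separate log file; it certainly makes things simpler when you are trying to debug a specific problem. So my logging section looks like the following: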

logging { 
    channel default_file { 
     file "/var/log/named/default.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel general_file { 
     file "/var/log/named/general.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel database_file { 
     file "/var/log/named/database.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel security_file { 
     file "/var/log/named/security.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel config_file { 
     file "/var/log/named/config.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel resolver_file { 
     file "/var/log/named/resolver.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel xfer-in_file { 
     file "/var/log/named/xfer-in.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel xfer-out_file { 
     file "/var/log/named/xfer-out.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel notify_file { 
     file "/var/log/named/notify.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel client_file { 
     file "/var/log/named/client.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel unmatched_file { 
     file "/var/log/named/unmatched.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel queries_file { 
     file "/var/log/named/queries.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel network_file { 
     file "/var/log/named/network.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel update_file { 
     file "/var/log/named/update.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel dispatch_file { 
     file "/var/log/named/dispatch.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel dnssec_file { 
     file "/var/log/named/dnssec.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 
    channel lame-servers_file { 
     file "/var/log/named/lame-servers.log" versions 3 size 5m; 
     severity dynamic; 
     print-time yes; 
    }; 

    category default { default_file; }; 
    category general { general_file; }; 
    category database { database_file; }; 
    category security { security_file; }; 
    category config { config_file; }; 
    category resolver { resolver_file; }; 
    category xfer-in { xfer-in_file; }; 
    category xfer-out { xfer-out_file; }; 
    category notify { notify_file; }; 
    category client { client_file; }; 
    category unmatched { unmatched_file; }; 
    category queries { queries_file; }; 
    category network { network_file; }; 
    category update { update_file; }; 
    category dispatch { dispatch_file; }; 
    category dnssec { dnssec_file; }; 
    category lame-servers { lame-servers_file; }; 
}; 

Hope this helps.

+0

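Thanks for the information. But the problem is that I have the zone files for each domain included in a single folder. For example.com, I have about 6 sub-zone files pulled in with the INCLUDE clause in the main zone file. I want to know the specific zone file a query pulls its information from. I have added your logging clause to my BIND. I will check and let you know whether it helps. Thanks for your help. – deppfx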

+2

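I doubt that it is actually possible, and standard logging will not give you that level of detail. BIND loads the zone files into memory at startup, so once it has started the files are meaningless; it is just one complete zone. Enabling debug mode in BIND might give you more levels of detail, but that generates a large amount of logging, which affects the performance of the DNS server. –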

+0

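Why do you think logging everything to separate files is better for debugging? When your server is busy, beware of the useless log messages in most channels. – alexsergeyev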

12

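Run the command "rndc querylog on" or add "querylog yes;" to the "options {};" section of named.conf to activate that channel.

Also make sure you are checking the correct directory if your BIND is chrooted.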

+0

I have BIND 9.9.4 on CentOS 7 and I tried adding "querylog on" to the options section, but named does not restart. In the journal: '/etc/named.conf:30: boolean expected near 'on'' – DeamonMV

+0

I think it should probably be querylog yes; in the config file; I may have mistakenly conflated the rndc parameter with the config option. – alexsergeyev
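
An added example, not part of any post in this thread: a small Python check over the text of a named.conf that maps each logging category to the file it writes to and flags the two problems raised above, a queries category routed without "querylog yes;" and log paths that move when BIND is chrooted. The sample config, the chroot prefix /var/named/chroot and the function name audit are assumptions made for illustration.

```python
import re

# Constructed sample: the question's logging clause, an options block without
# "querylog yes;", and one category pointing at a channel that was never defined.
SAMPLE = '''
options { directory "/var/named"; };
logging {
    channel querylog {
        file "/var/log/querylog";
        severity debug 10;
        print-time yes;
    };
    category queries { querylog; };
    category security { security_file; };
};
'''

# Channels BIND predefines; categories may reference them without a definition.
BUILTIN = {"default_syslog", "default_debug", "default_stderr", "null"}

def audit(conf, chroot=""):
    """Return (routes, findings) for the logging clause of a named.conf text.

    Regex-based approximation, not a full named.conf parser; it assumes
    absolute file paths and no nested braces inside channel bodies.
    """
    conf = re.sub(r"//[^\n]*|#[^\n]*|/\*.*?\*/", "", conf, flags=re.S)
    # channel name -> log file path (only file channels matter here)
    channels = dict(re.findall(r'channel\s+([\w-]+)\s*\{[^}]*?file\s+"([^"]+)"', conf))
    routes, findings = {}, []
    for cat, body in re.findall(r"category\s+([\w-]+)\s*\{([^}]*)\}", conf):
        for ch in re.findall(r"[\w-]+", body):
            if ch in channels:
                # Under a chroot the file lives below the chroot directory.
                routes.setdefault(cat, []).append(chroot.rstrip("/") + channels[ch])
            elif ch not in BUILTIN:
                findings.append(f"category {cat}: channel {ch} is not defined")
    if "queries" in routes and not re.search(r"\bquerylog\s+yes\s*;", conf):
        findings.append('queries is routed but "querylog yes;" is not set '
                        '(or run "rndc querylog on")')
    return routes, findings

if __name__ == "__main__":
    routes, findings = audit(SAMPLE, chroot="/var/named/chroot")
    for cat, files in routes.items():
        print(cat, "->", ", ".join(files))
    for f in findings:
        print("WARN:", f)
```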