From Fedora Project Wiki
m (Docs/Drafts/AdministrationGuide/Servers/DNSBIND/BINDlogging moved to Archive:Docs/Drafts/AdministrationGuide/Servers/DNSBIND/BINDlogging: This page references a newer draft version. Archiving old page tree then I'll go back and redirect to the new)

Latest revision as of 17:50, 4 March 2009

DNS and BIND

Configuring Logging

By default named uses syslog, but you can define your own logging in named.conf. Create a new file named /etc/bind/logging that contains the following:

logging {
    channel simple_log {
        file "/etc/bind/bind.log" versions 3 size 5m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default {
        simple_log;
    };
};

This is a basic example and should only be used as a guide. This will log all messages of severity info and above (as defined with severity info;) to /etc/bind/bind.log. There is a 5 megabyte limit on this file, and versions 3 keeps up to three older copies of it. For more information on logging, please refer to [1].

Add the following line to named.conf to include the /etc/bind/logging file:

include "/etc/bind/logging";

If a separate file is used for the logging configuration, run the following command as root to set the correct user and group ownership:

chown named:named /etc/bind/logging

Run the following command as root to set the correct mode:

chmod 600 /etc/bind/logging

If you are running SELinux, run the following command as root to set the correct SELinux context:

chcon -t named_zone_t /etc/bind/logging

If the file specified using file "/etc/bind/bind.log" versions 3 size 5m; does not exist, run the following command as root to create it:

touch /etc/bind/bind.log

Run the following command as root to set the correct user and group for the log file:

chown named:named /etc/bind/bind.log

Run the following command as root to set the correct mode:

chmod 600 /etc/bind/bind.log

If you are running SELinux, run the following command as root to set the correct SELinux context:

chcon -t named_cache_t /etc/bind/bind.log

After a reload using the rndc reload command, the log file will look similar to the following:

10-Mar-2007 10:52:48.002 general: info: zone testdomain.com/IN: loaded serial 2007031001
10-Mar-2007 10:52:48.002 notify: info: zone testdomain.com/IN: sending notifies (serial 2007031001)
10-Mar-2007 10:52:48.002 notify: info: client 192.168.0.1#1024: received notify for zone 'testdomain.com'
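
Because the channel sets print-time, print-category and print-severity, every line has the same fixed prefix and is easy to parse for review or alerting. The following parser is an added example, not part of the original guide; the names parse_line, summarize and SAMPLE are assumptions, and the last sample line is constructed to show how non-matching input is handled.

```python
import re
from collections import Counter
from datetime import datetime

# Layout produced by print-time, print-category and print-severity:
#   <dd-Mon-yyyy hh:mm:ss.mmm> <category>: <severity>: <message>
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<category>[\w-]+): (?P<severity>[a-z]+(?: \d+)?): (?P<message>.*)$"
)
CLIENT_RE = re.compile(r"client (?P<ip>[0-9A-Fa-f.:]+)#(?P<port>\d+)")
ZONE_RE = re.compile(r"zone '?(?P<zone>[^\s'/:]+)")

# First three lines are the excerpt shown above; the fourth is constructed.
SAMPLE = """\
10-Mar-2007 10:52:48.002 general: info: zone testdomain.com/IN: loaded serial 2007031001
10-Mar-2007 10:52:48.002 notify: info: zone testdomain.com/IN: sending notifies (serial 2007031001)
10-Mar-2007 10:52:48.002 notify: info: client 192.168.0.1#1024: received notify for zone 'testdomain.com'
not a named log line (constructed)
"""

def parse_line(line):
    """Return a dict for one log line, or None if it does not match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec.pop("ts"), "%d-%b-%Y %H:%M:%S.%f")
    client = CLIENT_RE.search(rec["message"])
    zone = ZONE_RE.search(rec["message"])
    rec["client"] = client.group("ip") if client else None
    rec["zone"] = zone.group("zone") if zone else None
    return rec

def summarize(text):
    """Count records per (category, severity) and keep unparsable lines."""
    counts, rejected, records = Counter(), [], []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            rejected.append(line)  # keep for manual review, do not drop silently
            continue
        records.append(rec)
        counts[(rec["category"], rec["severity"])] += 1
    return records, counts, rejected

if __name__ == "__main__":
    records, counts, rejected = summarize(SAMPLE)
    print(dict(counts), "unparsed:", len(rejected))
```

The client field of the notify records gives the address that sent each notify, which can be compared against the servers you expect notifies from.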