CentOS Bind DNS Log

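After finishing the DNS setup in the previous post, I went to look at the logs and found that the DNS log is long and messy, and by default it is mixed in with /var/log/messages, so searching it makes your eyes glaze over. I looked around online and there is a solution, so I am writing it down right away.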

The main steps are:
1. Configure named.conf
2. View the logs
1. Configure named.conf
# vi /etc/named.conf
logging {
        channel default-log {
                file "/var/log/default-log" versions 3 size 20m;
                severity info;
                print-severity yes;
                print-time yes;
                print-category yes;
        };

        channel notify-log {
                file "/var/log/notify-log" versions 3 size 20m;
                severity info;
                print-severity yes;
                print-time yes;
                print-category yes;
        };

        channel security-log {
                file "/var/log/security-log" versions 3 size 20m;
                severity info;
                print-severity yes;
                print-time yes;
                print-category yes;
        };

        channel query-log {
                file "/var/log/query-log" versions 3 size 20m;
                severity info;
                print-severity yes;
                print-time yes;
                print-category yes;
        };

        channel xfer-out-log {
                file "/var/log/xfer-log" versions 3 size 20m;
                severity info;
                print-severity yes;
                print-time yes;
                print-category yes;
        };

        category default        { default-log; };
        category notify         { notify-log; };
        category security       { security-log; };
        category queries        { query-log; };
        category xfer-out       { xfer-out-log; };
};
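Note: a few points to watch
a. Bind splits its log messages into several categories, so the more important ones can be written to their own files for easier searching
b. file "/var/log/XXXXX-log": the path where the log file is stored
c. versions: how many rotated copies of the file to keep (99 means unlimited)
d. size: the maximum size of a single file
e. severity: the severity level of the messages to capture
f. print-severity & print-category: whether to print the severity level and the category of each log entry
g. print-time: whether to print the date and time of each log entry
2. View the logs
Once the configuration is done, restart named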
# /etc/init.d/named restart
Start observing the logs (named runs chrooted here, so the /var/log paths from named.conf end up under /var/named/chroot)
# ls -l /var/named/chroot/var/log
-rw-r--r-- 1 named named   10266 2013-06-17 16:32 default-log
-rw-r--r-- 1 named named     712 2013-06-17 16:18 notify-log
-rw-r--r-- 1 named named 1236237 2013-06-17 17:08 query-log
-rw-r--r-- 1 named named   60899 2013-06-17 16:26 security-log
-rw-r--r-- 1 named named     716 2013-06-17 16:18 xfer-log
# less /var/named/chroot/var/log/query-log

……. (output omitted) Much tidier now, isn't it?
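
With queries in their own file, the log can be summarised per client. The following is an added example, not part of the original post: it parses query-log lines in the layout BIND 9 writes when print-time, print-category and print-severity are all yes, and counts queries per client IP and record type. The sample lines are constructed, the function names are hypothetical, and the exact fields after "client" vary between BIND versions.

```python
import re
from collections import Counter

# Constructed sample lines (not from the original post). The leading time,
# category and severity fields come from the three print-* options.
SAMPLE = """\
17-Jun-2013 17:08:01.101 queries: info: client 192.0.2.10#53124: query: www.example.com IN A + (192.0.2.1)
17-Jun-2013 17:08:01.350 queries: info: client 192.0.2.10#40112: query: mail.example.com IN MX + (192.0.2.1)
17-Jun-2013 17:08:02.007 queries: info: client 198.51.100.7#61000 (example.com): query: example.com IN ANY +E (192.0.2.1)
17-Jun-2013 17:08:02.500 security: info: client 203.0.113.5#3311: query (cache) 'example.org/A/IN' denied
this line is truncated
"""

# Assumption: newer BIND 9 releases add "@0x..." and/or "(name)" around the
# client address, so both are treated as optional here.
LINE_RE = re.compile(
    r"^(?P<time>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<category>[\w-]+): (?P<severity>\w+): "
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#(?P<port>\d+)"
    r"(?: \([^)]*\))?: "
    r"query: (?P<name>\S+) (?P<cls>\S+) (?P<qtype>\S+) (?P<flags>\S+)"
)

def parse_line(line):
    """Return a dict of fields for a query line, or None for anything else."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def summarize(text):
    """Count queries per client IP and per record type; count skipped lines."""
    clients, qtypes, skipped = Counter(), Counter(), 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # other categories, truncated or rotated-in lines
            continue
        clients[rec["ip"]] += 1
        qtypes[rec["qtype"]] += 1
    return clients, qtypes, skipped

if __name__ == "__main__":
    clients, qtypes, skipped = summarize(SAMPLE)
    for ip, n in clients.most_common():
        print(f"{n:6d}  {ip}")
    print("types:", dict(qtypes), "skipped:", skipped)
```

To run it on the real file, pass the contents of /var/named/chroot/var/log/query-log to summarize() instead of SAMPLE.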
