Log Configuration for BIND9

Linux/DNS | 2015. 1. 26. 17:35

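BIND, as befits an open-source project, provides a wide range of logging and debugging information.

Logs in particular are divided into categories by purpose, and each category can be stored separately.

If system load and disk space allow, keeping plenty of logs is what makes analysis possible when a failure occurs. Where you can, log as much as possible.

Logging is configured in named.conf; the categories are described below.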

 

default

The default category defines the logging options for those categories where no specific configuration has been defined.

general

The catch-all. Many things still aren't classified into categories, and they all end up here.

database

Messages relating to the databases used internally by the name server to store zone and cache data.

security

Approval and denial of requests.

config

Configuration file parsing and processing.

resolver

DNS resolution, such as the recursive lookups performed on behalf of clients by a caching name server.

xfer-in

Zone transfers the server is receiving.

xfer-out

Zone transfers the server is sending.

notify

The NOTIFY protocol.

client

Processing of client requests.

unmatched

Messages that named was unable to determine the class of or for which there was no matching view. A one line summary is also logged to the client category. This category is best sent to a file or stderr; by default it is sent to the null channel.

network

Network operations.

update

Dynamic updates.

update-security

Approval and denial of update requests.

queries

Specify where queries should be logged to.

At startup, specifying the category queries will also enable query logging unless querylog option has been specified.

The query log entry reports the client's IP address and port number, and the query name, class and type. It also reports whether the Recursion Desired flag was set (+ if set, - if not set), EDNS was in use (E) or if the query was signed (S).

client 127.0.0.1#62536: query: www.example.com IN AAAA +SE

client ::1#62537: query: www.example.net IN AAAA -SE

dispatch

Dispatching of incoming packets to the server modules where they are to be processed.

dnssec

DNSSEC and TSIG protocol processing.

lame-servers

Lame servers. These are misconfigurations in remote servers, discovered by BIND 9 when trying to query those servers during resolution.

delegation-only

Delegation only. Logs queries that have been forced to NXDOMAIN as the result of a delegation-only zone or a delegation-only in a hint or stub zone declaration.

 

Below is a sample that applies every category BIND9 provides.

logging {
	// Two channels were both named "default_syslog", which is also the name
	// of one of BIND's built-in channels. They are given distinct names here.
	channel "local2_syslog" {
		// Send most of the named messages to syslog.
		syslog local2;
		severity debug;
	};
	// File channels: paths are relative to the "directory" option,
	// 3 rotated versions are kept, and each file is capped at 20 MB.
	channel "default_file" {
		file "log/default.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "general_syslog" {
		file "log/general.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "database_syslog" {
		file "log/database.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "security_syslog" {
		file "log/security.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "config_syslog" {
		file "log/config.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "resolver_syslog" {
		file "log/resolver.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "xfer-in_syslog" {
		file "log/xfer-in.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "xfer-out_syslog" {
		file "log/xfer-out.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "notify_syslog" {
		file "log/notify.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "client_syslog" {
		file "log/client.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "unmatched_syslog" {
		file "log/unmatched.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "network_syslog" {
		file "log/network.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "update_syslog" {
		file "log/update.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "update_security_syslog" {
		file "log/update_security.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "queries_syslog" {
		file "log/queries.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "dispatch_syslog" {
		file "log/dispatch.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "dnssec_syslog" {
		file "log/dnssec.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "lame-servers_syslog" {
		file "log/lame-servers.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};
	channel "delegation-only_syslog" {
		file "log/delegation-only.log" versions 3 size 20m;
		severity debug;
		print-category yes;
		print-severity yes;
		print-time yes;
	};

	// Categories without their own entry go to syslog and to log/default.log.
	category default { local2_syslog; default_file; };
	// general now uses its own channel, which was defined but never referenced.
	category general { general_syslog; };
	category database { database_syslog; };
	category security { security_syslog; };
	category config { config_syslog; };
	category resolver { resolver_syslog; };
	category xfer-in { xfer-in_syslog; };
	category xfer-out { xfer-out_syslog; };
	category notify { notify_syslog; };
	category client { client_syslog; };
	category unmatched { unmatched_syslog; };
	category network { network_syslog; };
	category update { update_syslog; };
	category update-security { update_security_syslog; };
	category queries { queries_syslog; };
	category dispatch { dispatch_syslog; };
	category dnssec { dnssec_syslog; };
	category lame-servers { lame-servers_syslog; };
	category delegation-only { delegation-only_syslog; };	
};
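
The queries category format described above, combined with the print-time, print-category and print-severity prefix that the sample configuration turns on, can be parsed as follows. This is an added example, not code from the original post or from BIND; the function names, the 40-character label threshold and the sample lines are assumptions made for illustration.

```python
import re
from collections import Counter

# Optional prefix written by print-time / print-category / print-severity,
# followed by the query log body in the format described on this page.
LINE_RE = re.compile(
    r"^(?:(?P<time>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) )?"
    r"(?:(?P<category>[\w-]+): )?"
    r"(?:(?P<severity>[\w ]+): )?"
    r"client (?P<ip>[0-9A-Fa-f:.]+)#(?P<port>\d+): "
    r"query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+) "
    r"(?P<rd>[+-])(?P<flags>[A-Z]*)$"
)

# Constructed sample lines (not taken from a real server).
SAMPLE = [
    "client 127.0.0.1#62536: query: www.example.com IN AAAA +SE",
    "client ::1#62537: query: www.example.net IN AAAA -SE",
    "26-Jan-2015 17:35:00.123 queries: info: client 192.0.2.10#40000: "
    "query: " + "a" * 48 + ".example.org IN TXT +E",
    "26-Jan-2015 17:35:01.000 security: info: client 192.0.2.10#40001: "
    "query (cache) 'x.example/A/IN' denied",
]

def parse_query_line(line):
    """Return a dict for one query-log line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["port"] = int(rec["port"])
    rec["recursion_desired"] = rec.pop("rd") == "+"   # + set, - not set
    flags = rec.pop("flags")
    rec["edns"] = "E" in flags                        # EDNS in use
    rec["signed"] = "S" in flags                      # query was signed
    return rec

def summarize(lines, max_label_len=40):
    """Count queries per client and collect names with an overlong label."""
    per_client, long_names = Counter(), []
    for line in lines:
        rec = parse_query_line(line)
        if rec is None:
            continue                                  # other categories, noise
        per_client[rec["ip"]] += 1
        if any(len(lbl) > max_label_len for lbl in rec["qname"].split(".")):
            long_names.append((rec["ip"], rec["qname"]))
    return per_client, long_names
```

Calling summarize() on the lines of log/queries.log gives a per-client query count and a list of names worth a second look. The label-length threshold is a starting point to tune against your own traffic.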

[Source] Log Configuration for BIND9 | Author: 네임서버

네임서버 이야기 | 네임서버 (http://blog.naver.com/netpiadns/50021687725)

