게시물 250건
   
[centOS7.7] DNS log 설정 [ 로그 / logging / debug ]
글쓴이 : theko 날짜 : 2020-06-24 (수) 15:44 조회 : 181
아래와 같이 자기가 원하는 설정만 해서 로그를 보면 된다. 

# more named.conf
//
// named.conf for Red Hat caching-nameserver 
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        allow-query { any; };
//      recursion no;
        allow-transfer {  210.1.1.25; };
         version " No touch !!! No !!";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};

// 
// a caching only nameserver config
// 
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

 

logging { 

    channel "__default_syslog" { 

        // Send most of the named messages to syslog. 

        syslog local2;  // ( kern | user | mail | daemon | auth |

                        // syslog | lpr | new | uucp | cron |

                        // authpriv | ftp | local0 | local1 |

                        // local2 | local3 | local4 | local5 |

                        // local6 | local7 )

        severity debug; // ( critical | error | warning | notice |

                        // info | debug [ level ] | dynamic )

    }; 

 

 

        //

        // log channel list

        //

 

    channel ch_default_log { 

        file "/var/named/log/ch_default.log" versions 1 size 1m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

    channel ch_config_log { 

        file "/var/named/log/ch_config.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

 

    channel ch_queries_log {                // 이것을 설정하면 질의하는 서버들의 로그가 남아짐

        file "/var/named/log/ch_queries.log"  versions 1 size 1m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

    channel ch_lame-servers_log { 

        file "/var/named/log/ch_lame-servers.log"  versions 1 size 1m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

    channel ch_statistics_log { 

        file "/var/named/log/ch_statistics.log"  versions 1 size 1m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 


    channel ch_update_log { 

        file "/var/named/log/ch_update.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 


    channel ch_xfer-in_log { 

        file "/var/named/log/ch_xfer-in.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

    channel ch_xfer-out_log { 

        file "/var/named/log/ch_xfer-out.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 


    channel ch_notify_log { 

        file "/var/named/log/ch_notify.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 


    channel ch_security_log { 

        file "/var/named/log/ch_security.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

channel default_debug {     // 에러나는 질의에 대해서만 로그가 남김.

        file "/var/named/log/default_debug.log"  versions 3 size 20m; 

        severity debug; 

        print-category yes; 

        print-severity yes; 

        print-time yes; 

    }; 

 

 
     category default { ch_default_log; }; 

     category config { ch_config_log; }; 


     category queries { ch_queries_log; }; 

     category lame-servers { ch_lame-servers_log; }; 

 

     category update { ch_update_log; }; 


     category xfer-in { ch_xfer-in_log; }; 

     category xfer-out { ch_xfer-out_log; }; 

 

     category notify { ch_notify_log; }; 


     category security { ch_security_log; }; 

 

 

 }; 


 

 

 2.   로그 보기

[root@serverchk log]# tail -f ch_queries.log 
Jul 12 21:33:41.437 queries: info: client 41.177.72.8#2951: query: yahooms.com IN A
Jul 12 21:34:06.750 queries: info: client 209.85.228.94#61640: query: www.yahooms.com IN A
Jul 12 21:35:50.852 queries: info: client 168.126.48.6#55239: query: ns2.serverchk.com IN AAAA
Jul 12 21:35:50.860 queries: info: client 168.126.48.2#47408: query: ns2.serverchk.com IN A
Jul 12 21:36:26.775 queries: info: client 168.126.63.16#34743: query: ns2.serverchk.com IN AAAA
Jul 12 21:36:26.970 queries: info: client 210.116.105.184#44648: query: ns2.serverchk.com IN A
Jul 12 21:36:47.155 queries: info: client 211.35.65.68#7500: query: test1.pe.kr IN SOA
Jul 12 21:37:44.139 queries: info: client 211.35.65.68#57149: query: dnspro.pe.kr IN SOA
Jul 12 21:38:09.054 queries: info: client 211.35.65.68#58654: query: serverchk.com IN SOA
Jul 12 21:38:23.205 queries: info: client 211.35.65.68#17164: query: yejin.pe.kr IN SOA



이름 패스워드
비밀글 (체크하면 글쓴이만 내용을 확인할 수 있습니다.)
왼쪽의 글자를 입력하세요.
   

miwit.com sir.co.kr DNS Powered by DNSEver.com DNS Powered by DNSEver.com