BIND LOGGING
------------

By default, logs from named are sent to /var/log/messages via syslog.

Let's make BIND log in a more detailed fashion.

On MASTER:

1. Create the log directory:

	# mkdir /etc/namedb/log
	# chown bind /etc/namedb/log

2. Edit /etc/namedb/named.conf, find the end of the "options" section, and
   create the "logging" section:

options {
    ...
};

// - - - - - - - - - - - - - - - cut below - - - - - - - - - - - - - - -

logging {
        // Channels

        channel transfers {
            file "/etc/namedb/log/transfers" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel notify {
            file "/etc/namedb/log/notify" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel dnssec {
            file "/etc/namedb/log/dnssec" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel query {
            file "/etc/namedb/log/query" versions 5 size 10M;
            print-time yes;
            severity info;
        };
        channel general {
            file "/etc/namedb/log/general" versions 3 size 10M;
            print-time yes;
            severity info;
        };

        // Categories

        category xfer-out { transfers; };
        category xfer-in { transfers; };
        category notify { notify; };

        category lame-servers { general; };
        category config { general; };
        category default { general; };
        category security { general; };
        category dnssec { dnssec; };

        // category queries { query; };

};

// - - - - - - - - - - - - - - - cut above - - - - - - - - - - - - - - -


Save and exit the file, then check that the configuration is valid:

	# named-checkconf /etc/namedb/named.conf

3. Now reconfig or restart BIND:

	# rndc reconfig

	- Look in /etc/namedb/log/ and check that the files get created.

	If it doesn't work, try:

	- checking the permissions on /etc/namedb/log
	- restarting named (/etc/rc.d/named restart)

4. Do a zone transfer of your own domain:

	# dig @master.grpX.ws.nsrc.org AXFR MYTLD
	...

	- Verify that the transfer shows up in /etc/namedb/log/transfers:

17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
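
Once transfers are logged, the same file can be checked for transfers you did
not expect. The following is an added example, not part of the original lab: it
reads the transfers log in the format shown above and reports AXFR starts from
clients that are not on a list of expected addresses. The function names, the
sample log lines and the addresses 192.0.2.10 and 198.51.100.7 are constructed
for illustration.

```shell
#!/bin/sh
# unexpected_axfr LOGFILE [ALLOWED_IP ...]
# Prints "count client zone" for each AXFR start in the transfers log
# whose client address is not in the allowed list.
unexpected_axfr() {
    log=$1; shift
    awk -v allowed="$*" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        / AXFR started/ {
            client = ""; zone = ""
            for (i = 1; i <= NF; i++) {
                # the client field is the first one of the form address#port
                if (client == "" && index($i, "#")) client = $i
                # the quoted zone/class field follows the word "of"
                if ($i == "of" && i < NF) zone = $(i + 1)
            }
            sub(/#.*/, "", client)      # drop "#port:"
            gsub("\047", "", zone)      # drop the single quotes
            sub(/:$/, "", zone)         # drop the trailing colon
            if (client != "" && !(client in ok)) hits[client " " zone]++
        }
        END { for (k in hits) print hits[k], k }
    ' "$log" | sort -k2
}

# Constructed sample log lines in the format shown above.
sample_log() {
    cat <<'EOF'
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 11:20:02.104 client 192.0.2.10#40112: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:20:02.110 client 192.0.2.10#40112: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 11:42:51.873 client 198.51.100.7#53011: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:43:09.020 client 198.51.100.7#53214: transfer of 'MYTLD/IN': AXFR started
EOF
}

# Demo: 127.0.0.1 (local test) and 192.0.2.10 (assumed slave) are expected.
tmp=$(mktemp)
sample_log > "$tmp"
unexpected_axfr "$tmp" 127.0.0.1 192.0.2.10
rm -f "$tmp"
```

On the real server, pass /etc/namedb/log/transfers as the log file and the
addresses of your slave servers as the allowed list.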
