본문 바로가기

네임서버

[네임서버] bind logging 설정

bind logging 설정

named 설정 파일(named.conf) 편집

- named.conf에 있는 logging 블록 주석로깅 설정 파일(named.logging.conf) 추가

vim /etc/named.conf
options {
        listen-on port 53 { any; };
...
};
/*
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
*/
zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.logging.conf";

named.logging.conf 편집

vim /etc/named.logging.conf
logging {
        channel "default_syslog" {
                // Send most of the named messages to syslog.
                syslog local2;
                severity debug;
        };
        channel "default_syslog" {
                file "log/default.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "general_syslog" {
                file "log/general.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "database_syslog" {
                file "log/database.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "security_syslog" {
                file "log/security.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "config_syslog" {
                file "log/config.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "resolver_syslog" {
                file "log/resolver.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "xfer-in_syslog" {
                file "log/xfer-in.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "xfer-out_syslog" {
                file "log/xfer-out.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "notify_syslog" {
                file "log/notify.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "client_syslog" {
                file "log/client.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "unmatched_syslog" {
                file "log/unmatched.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "network_syslog" {
                file "log/network.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "update_syslog" {
                file "log/update.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "update_security_syslog" {
                file "log/update_security.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "queries_syslog" {
                file "log/queries.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "dispatch_syslog" {
                file "log/dispatch.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "dnssec_syslog" {
                file "log/dnssec.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "lame-servers_syslog" {
                file "log/lame-servers.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel "delegation-only_syslog" {
                file "log/delegation-only.log" versions 3 size 20m;
                severity debug;
                print-category yes;
                print-severity yes;
                print-time yes;
        };

        category default { default_syslog; };
        category general { general_syslog; };
        category database { database_syslog; };
        category security { security_syslog; };
        category config { config_syslog; };
        category resolver { resolver_syslog; };
        category xfer-in { xfer-in_syslog; };
        category xfer-out { xfer-out_syslog; };
        category notify { notify_syslog; };
        category client { client_syslog; };
        category unmatched { unmatched_syslog; };
        category network { network_syslog; };
        category update { update_syslog; };
        category update-security { update_security_syslog; };
        category queries { queries_syslog; };
        category dispatch { dispatch_syslog; };
        category dnssec { dnssec_syslog; };
        category lame-servers { lame-servers_syslog; };
        category delegation-only { delegation-only_syslog; };
};

로그(log) 디렉토리 생성 및 소유자 설정

mkdir /var/named/log
chown named.named /var/named/log

named.conf 설정 파일 문법 검사

named-checkconf

named.conf 설정 파일 및 zone file 문법 검사

named-checkconf -z

named reload

rndc reload
$ rndc reload         
server reload successful

생성된 파일 파일 목록

$ ls -l /var/named/log
total 204
-rw-r--r-- 1 named named     0 Jan 16 09:21 client.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 config.log
-rw-r--r-- 1 named named   129 Jan 16 09:21 database.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 default.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 delegation-only.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 dispatch.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 dnssec.log
-rw-r--r-- 1 named named 77633 Jan 16 09:21 general.log
-rw-r--r-- 1 named named  1409 Jan 16 09:21 lame-servers.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 network.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 notify.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 queries.log
-rw-r--r-- 1 named named    60 Jan 16 09:21 resolver.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 security.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 unmatched.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 update.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 update_security.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 xfer-in.log
-rw-r--r-- 1 named named     0 Jan 16 09:21 xfer-out.log

query log 활성화 여부 확인

rndc status | grep "query logging"
$ rndc status | grep "query logging"
query logging is OFF

query log 활성화

rndc querylog

query log(queries.log) 확인

$ tail -f queries.log
16-Jan-2023 09:27:59.956 queries: info: client @0x7fa0beeb2d50 192.168.0.63#35347 (naver.com): query: naver.com IN A +E(0)K (192.168.0.62)

 

참고URL

- BIND logging 설정 : https://scbyun.com/9

- BIND logging | BIND 9.5.x : https://scbyun.com/100

 

728x90