>Logging Bind Queries

>

To log DNS  queries on linux, we use logging feature of Bind server.Suppose you want to log dns queries in file /var/log/querylog.log in this case make following entries in /etc/named.conf.

  logging {
              channel querylog{
                                         file “/var/log/querylog”;
                                         severity debug 3;
                                         print-category yes;
                                         print-time yes;
                                         print-severity yes;
                                        };
                category queries { querylog;};
             };

After putting above lines in /etc/named.conf , It is advisable to create log file manually

   root#touch /var/log/querylog

And and make it writeable by user named

  root#chown named.named /var/log/querylog



Restart bind server to apply changes

   root#/etc/init.d/named restart



Do some queries to dns server using dig or nslookup


View query now in file /var/log/querylog.

 root#tail /var/log/querylog


15 thoughts on “>Logging Bind Queries

  1. Mukesh

    >Not understand this line
    root#chown named.named /var/log/querylog

    what is diffrence between
    root#/etc/init.d/named restart and service named restsrt

  2. Mukesh

    >not understand this ine
    root#chown named.named /var/log/querylog

    what is the diffrence between
    root#/etc/init.d/named restart and service named restart

  3. vishesh

    >root#chown named.named /var/log/querylog
    Above line make named which is a user , the owner of log file /var/log/querylog

    root#/etc/init.d/named restart and service named restart
    Both are same

  4. Mukesh

    >if i don"t want to write this line, can i check log file??, i am login from root, why need to create named.named, if need to create user why use named.named
    root#chown named.named /var/log/querylog

  5. vishesh

    >You don't need to create user named. This user created automatically when you install bind server. Just change ownership of log file to named, and this is required.

  6. Mukesh

    >plz before line number 10 put ;
    otherwise get error in service name restart
    2nd thing i have change all entry and working fine , my query with my dns
    #dig info.com @192.168.0.4
    result is ok according our dns, but when i check log file there is no any entry, plz advise any query for chek log file

  7. Mukesh

    >yes there is no any entry, i am using this command to chek
    [root@localhost log]# cat /var/log/querylog
    [root@localhost log]# tail /var/log/querylog
    [root@localhost log]# vi /var/log/querylog

    1. Mukesh Kumar Jha

      check permission for log file.
      I have implemented its working so not worry about this kindly share your configuration file

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Current month ye@r day *