>Logging Bind Queries

By | April 24, 2011


To log DNS  queries on linux, we use logging feature of Bind server.Suppose you want to log dns queries in file /var/log/querylog.log in this case make following entries in /etc/named.conf.

  logging {
              channel querylog{
                                         file “/var/log/querylog”;
                                         severity debug 3;
                                         print-category yes;
                                         print-time yes;
                                         print-severity yes;
                category queries { querylog;};

After putting above lines in /etc/named.conf , It is advisable to create log file manually

   root#touch /var/log/querylog

And and make it writeable by user named

  root#chown named.named /var/log/querylog

Restart bind server to apply changes

   root#/etc/init.d/named restart

Do some queries to dns server using dig or nslookup

View query now in file /var/log/querylog.

 root#tail /var/log/querylog

Share itShare on FacebookEmail this to someoneTweet about this on TwitterShare on Google+Share on LinkedInPrint this page

15 thoughts on “>Logging Bind Queries

  1. Mukesh

    >Not understand this line
    root#chown named.named /var/log/querylog

    what is diffrence between
    root#/etc/init.d/named restart and service named restsrt

  2. Mukesh

    >not understand this ine
    root#chown named.named /var/log/querylog

    what is the diffrence between
    root#/etc/init.d/named restart and service named restart

  3. vishesh

    >root#chown named.named /var/log/querylog
    Above line make named which is a user , the owner of log file /var/log/querylog

    root#/etc/init.d/named restart and service named restart
    Both are same

  4. Mukesh

    >if i don"t want to write this line, can i check log file??, i am login from root, why need to create named.named, if need to create user why use named.named
    root#chown named.named /var/log/querylog

  5. vishesh

    >You don't need to create user named. This user created automatically when you install bind server. Just change ownership of log file to named, and this is required.

  6. Mukesh

    >plz before line number 10 put ;
    otherwise get error in service name restart
    2nd thing i have change all entry and working fine , my query with my dns
    #dig info.com @
    result is ok according our dns, but when i check log file there is no any entry, plz advise any query for chek log file

  7. Mukesh

    >yes there is no any entry, i am using this command to chek
    [root@localhost log]# cat /var/log/querylog
    [root@localhost log]# tail /var/log/querylog
    [root@localhost log]# vi /var/log/querylog

  8. vishesh

    >Corrected line number 10 as error catches by mukesh.
    Thanks mukesh

  9. Amit

    >so we were facing log error only because we didn't use
    chown named.named /var/log/querylog

  10. Ben

    With named hav the rights above I’m still not able to see anything in this log. Help!

    1. Mukesh Kumar Jha

      check permission for log file.
      I have implemented its working so not worry about this kindly share your configuration file


Leave a Reply

Your email address will not be published. Required fields are marked *

Current month ye@r day *