Bueno, resulta que nuestro querido Bind9 loguea toda su info a /var/log/syslog o /var/log/daemon.log, ahora no recuerdo. Yo, que soy un poco regado en mi locura, decidí separar su información de loguea a otro directorio con otros archivos, Por lo que hoy pongo a disposicion de ustedes este pequeño truco.
Después de instalar y configurar bind9 como nuestro server DNS, haremos la gestión de los logs.
# apt-get install bind9 bind9-utils
Para esto vamos al archivo named.conf y editamos/añadimos lo siguiente:
logging {
channel default_file {
file «/var/log/bind/default.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel general_file {
file «/var/log/bind/general.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel database_file {
file «/var/log/bind/database.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel security_file {
file «/var/log/bind/security.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel config_file {
file «/var/log/bind/config.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel resolver_file {
file «/var/log/bind/resolver.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-in_file {
file «/var/log/bind/xfer-in.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-out_file {
file «/var/log/bind/xfer-out.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel notify_file {
file «/var/log/bind/notify.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel client_file {
file «/var/log/bind/client.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel unmatched_file {
file «/var/log/bind/unmatched.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel queries_file {
file «/var/log/bind/queries.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel network_file {
file «/var/log/bind/network.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel update_file {
file «/var/log/bind/update.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dispatch_file {
file «/var/log/bind/dispatch.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dnssec_file {
file «/var/log/bind/dnssec.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel lame-servers_file {
file «/var/log/bind/lame-servers.log» versions 3 size 5m;
severity dynamic;
print-time yes;
};
category default { default_file; };
category general { general_file; };
category database { database_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category network { network_file; };
category update { update_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };
};
Hecho esto solo debemos hacer lo siguiente en la consola:
# mkdir -p /var/log/bind
# cd /var/log/bind
# touch default.log
# touch general.log
# touch database.log
# touch security.log
# touch config.log
# touch resolver.log
# touch xfer-in.log
# touch xfer-out.log
# touch notify.log
# touch client.log
# touch unmatched.log
# touch queries.log
# touch network.log
# touch update.log
# touch dispatch.log
# touch dnssec.log
# touch lame-servers.log
Después de crear estos archivitos vacíos, permisos:
# chmod -R 644 *; chown -R bind:bind *
Y listo, reinicia bind9.
# /etc/init.d/bind9 restart
Sólo queda revisar algún que otro detalle, pero así ya funciona la cosa…
Saludos y espero les sirva.
Interesante post, pero de casualidad has probado rotar esos logs con el logrotate?????
Yo roto los logs con un script personalizado, no uso logrotate, que me crea el archivo de logs vacío y me reinicia el bind.