LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 07-10-2019, 02:02 PM   #1
dr.x
Member
 
Registered: Jan 2013
Posts: 182

Rep: Reputation: Disabled
Linux-Bind- how to stop logging to /var/log/messages ? !!


Hello Guys ,


i have bind as DNS service my side ,


Linux-Bind- how to stop logging to /var/log/messages ? !!

i tried to enable loggin to other files but i still getting in /var/log/messages !!!

Quote:
[root@10GE23 ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
listen-on port 53 { 127.0.0.1; };
////// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
allow-query-cache { localhost; };
recursion yes;
/////////////////////////////////////////
dnssec-enable no;
dnssec-validation no;
forwarders { 1.0.0.1; 8.8.8.8; };
querylog yes;
////////////////////////////
////// dnssec-enable yes;
////// dnssec-validation yes;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};
////////////////////////////////////////////////////////////////////////////
logging {
channel default_log {
file "/var/named/log/default" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel auth_servers_log {
file "/var/named/log/auth_servers" versions 100 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel dnssec_log {
file "/var/named/log/dnssec" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel zone_transfers_log {
file "/var/named/log/zone_transfers" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel ddns_log {
file "/var/named/log/ddns" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel client_security_log {
file "/var/named/log/client_security" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel rate_limiting_log {
file "/var/named/log/rate_limiting" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel rpz_log {
file "/var/named/log/rpz" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel dnstap_log {
file "/var/named/log/dnstap" versions 3 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
//
// If you have the category ‘queries’ defined, and you don’t want query logging
// by default, make sure you add option ‘querylog no;’ - then you can toggle
// query logging on (and off again) using command ‘rndc querylog’
//
channel queries_log {
file "/var/named/log/queries" versions 600 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
//
// This channel is dynamic so that when the debug level is increased using
// rndc while the server is running, extra information will be logged about
// failing queries. Other debug information for other categories will be
// sent to the channel default_debug (which is also dynamic), but without
// affecting the regular logging.
//
channel query-errors_log {
file "/var/named/log/query-errors" versions 5 size 20m;
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
//
// This is the default syslog channel, defined here for clarity. You don’t
// have to use it if you prefer to log to your own channels.
// It sends to syslog’s daemon facility, and sends only logged messages
// of priority info and higher.
// (The options to print time, category and severity are non-default.)
//
channel default_syslog {
print-time yes;
print-category yes;
print-severity yes;
syslog daemon;
severity info;
};
//
// This is the default debug output channel, defined here for clarity. You
// might want to redefine the output destination if it doesn’t fit with your
// local system administration plans for logging. It is also a special
// channel that only produces output if the debug level is non-zero.
//
channel default_debug {
print-time yes;
print-category yes;
print-severity yes;
file "named.run";
severity dynamic;
};
//
// Log routine stuff to syslog and default log:
//
category default { default_syslog; default_debug; default_log; };
category config { default_syslog; default_debug; default_log; };
category dispatch { default_syslog; default_debug; default_log; };
category network { default_syslog; default_debug; default_log; };
category general { default_syslog; default_debug; default_log; };
//
// From BIND 9.12 and newer, you can direct zone load logging to another
// channel with the new zoneload logging category. If this would be useful
// then firstly, configure the new channel, and then edit the line below
// to direct the category there instead of to syslog and default log:
//
//// category zoneload { default_syslog; default_debug; default_log; };
//
// Log messages relating to what we got back from authoritative servers during
// recursion (if lame-servers and edns-disabled are obscuring other messages
// they can be sent to their own channel or to null). Sometimes these log
// messages will be useful to research why some domains don’t resolve or
// don’t resolve reliably
//
category rate-limit { rate_limiting_log; default_debug; };
///// category spill { rate_limiting_log; default_debug; };
category database { rate_limiting_log; default_debug; };
//
// Log DNS-RPZ (Response Policy Zone) messages (if you are not using DNS-RPZ
// then you may want to comment out this category and associated channel)
//
category rpz { rpz_log; default_debug; };
//
// Log messages relating to the "dnstap" DNS traffic capture system (if you
// are not using dnstap, then you may want to comment out this category and
// associated channel).
//
//// category dnstap { dnstap_log; default_debug; };
//
// If you are running a server (for example one of the Internet root
// nameservers) that is providing RFC 5011 trust anchor updates, then you
// may be interested in logging trust anchor telemetry reports that your
// server receives to analyze anchor propagation rates during a key rollover.
// If this would be useful then firstly, configure the new channel, and then
// un-comment and the line below to direct the category there instead of to
// syslog and default log:
//
//
category queries { queries_log; };
//
// This logging category will only emit messages at debug levels of 1 or
// higher - it can be useful to troubleshoot problems where queries are
// resulting in a SERVFAIL response.
//
category query-errors {query-errors_log; };
};
/////////////////////////////////////////////////////////
///logging {
/// channel default_debug {
/// file "data/named.run";
//// severity dynamic;
//// };
////};
/////////////////////////////////////////////////////////
zone "." IN {
type hint;
file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Thanks
 
Old 07-10-2019, 03:06 PM   #2
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 & 7
Posts: 3,178

Rep: Reputation: 853Reputation: 853Reputation: 853Reputation: 853Reputation: 853Reputation: 853Reputation: 853
Are you using rsyslog or syslog-ng? The config file for whichever one you use is under /etc and it determines what goes in /var/log/messages.
 
1 members found this post helpful.
Old 07-11-2019, 07:41 AM   #3
Hostech_Support
Member
 
Registered: Oct 2017
Location: India
Posts: 41

Rep: Reputation: Disabled
You need to disable those logging from syslog.conf.
 
1 members found this post helpful.
Old 07-11-2019, 08:04 AM   #4
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,785
Blog Entries: 15

Rep: Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640Reputation: 1640
Comment out the section of your named.conf that shows it using syslog by prepending the word "category" with the "//" characters:
Current:
Code:
// Log routine stuff to syslog and default log:
//
category default { default_syslog; default_debug; default_log; };
category config { default_syslog; default_debug; default_log; };
category dispatch { default_syslog; default_debug; default_log; };
category network { default_syslog; default_debug; default_log; };
category general { default_syslog; default_debug; default_log; };
//
Revised:
Current:
Code:
// Log routine stuff to syslog and default log:
//
//category default { default_syslog; default_debug; default_log; };
//category config { default_syslog; default_debug; default_log; };
//category dispatch { default_syslog; default_debug; default_log; };
//category network { default_syslog; default_debug; default_log; };
//category general { default_syslog; default_debug; default_log; };
//
You'd need to restart bind after making that change.

Alternatively you could modify that section to go to a different log or you could modify syslog.conf to send logging it receives from BIND to a different log.
 
1 members found this post helpful.
Old 07-15-2019, 03:04 AM   #5
dr.x
Member
 
Registered: Jan 2013
Posts: 182

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by MensaWater View Post
Comment out the section of your named.conf that shows it using syslog by prepending the word "category" with the "//" characters:
Current:
Code:
// Log routine stuff to syslog and default log:
//
category default { default_syslog; default_debug; default_log; };
category config { default_syslog; default_debug; default_log; };
category dispatch { default_syslog; default_debug; default_log; };
category network { default_syslog; default_debug; default_log; };
category general { default_syslog; default_debug; default_log; };
//
Revised:
Current:
Code:
// Log routine stuff to syslog and default log:
//
//category default { default_syslog; default_debug; default_log; };
//category config { default_syslog; default_debug; default_log; };
//category dispatch { default_syslog; default_debug; default_log; };
//category network { default_syslog; default_debug; default_log; };
//category general { default_syslog; default_debug; default_log; };
//
You'd need to restart bind after making that change.

Alternatively you could modify that section to go to a different log or you could modify syslog.conf to send logging it receives from BIND to a different log.














Thank you very much i think it works now !
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] iptables troubleshooting icmp and best place to log /var/log/messages or /var/log/iptables JockVSJock Linux - Security 18 02-12-2016 12:31 AM
logging messages from my program doesn't reach /var/log/messages rajas Programming 4 09-18-2011 12:38 AM
/var/adm/messages vs /var/log/messages gomes1333 Linux - General 1 04-06-2010 04:08 AM
I want to stop these particular messages in /var/log/messages smartyshan Linux - Security 7 05-31-2009 02:41 AM
/var/log/messages and /var/log/cron not working sigkill Linux - Software 6 08-09-2008 01:08 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration