BIND 9 logging configuration template

1 Logging configuration template for an authoritative BIND 9 server

logging {
        channel named           { file "named.log"     versions 10 size 20M; severity info;   print-time iso8601-utc; print-category yes; print-severity yes; };
        channel security        { file "security.log"  versions 10 size 20M; severity info;   print-time iso8601-utc; print-severity yes; };
        channel ratelimit       { file "ratelimit.log" versions 10 size 20M; severity info;   print-time iso8601-utc; print-severity yes; };
        channel query_log       { file "query.log"     versions 10 size 20M; severity debug;  print-time iso8601-utc; print-severity yes; };
        channel xfer            { file "transfer.log"  versions 10 size 10M; severity info;   print-time iso8601-utc; print-severity yes; };
        channel update          { file "update.log"    versions 10 size 10M; severity info;   print-time iso8601-utc; print-severity yes; };

        category default        { default_syslog;  named; };
        category general        { default_syslog;  named; };
        category security       { security; };
        category queries        { query_log; };
        category config         { default_syslog; named; };
        category resolver       { resolver; };
        category network        { default_syslog; named; };
        category rate-limit     { ratelimit; };
        category xfer-in        { default_syslog; xfer; };
        category xfer-out       { default_syslog; xfer; };
        category notify         { default_syslog; xfer; };
        category update         { default_syslog; update; };
        category update-security { default_syslog; update; };
        category zoneload       { default_syslog;  named; };
};

2 Logging configuration template for an BIND 9 resolver

logging {
        channel named           { file "named.log"        versions 10 size 20M; severity info;  print-time iso8601-utc; print-category yes; print-severity yes;};
        channel security        { file "security.log"     versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel dnssec          { file "dnssec.log"       versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel resolver        { file "resolver.log"     versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel query_log       { file "query.log"        versions 10 size 80M; severity debug; print-time iso8601-utc; print-severity yes; };
        channel query-error     { file "query-errors.log" versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel lame_servers    { file "lame-servers.log" versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel capacity        { file "capacity.log"     versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };
        channel rpz             { file "rpz.log"          versions 10 size 20M; severity info;  print-time iso8601-utc; print-severity yes; };

        category default        { default_syslog;  named; };
        category general        { default_syslog;  named; };
        category security       { security; };
        category queries        { query_log; };
	category lame-servers   { lame_servers;};
        category dnssec         { dnssec; };
        category edns-disabled  { default_syslog; };
        category config         { default_syslog; named; };
        category resolver       { resolver; };
        category edns-disabled  { resolver; };
        category cname          { resolver; };
        category serve-stale    { resolver; };
        category spill          { capacity; };
	category rate-limit     { capacity; };
	category database       { capacity; };
        category client         { default_syslog; named; };
        category network        { default_syslog; named; };
	category dnstap         { dnstap;};
        category unmatched      { named; };
        category client         { named; };
        category network        { named; };
        category delegation-only { named;};
        category dispatch       { named; };
        category trust-anchor-telemetry { named; };
	category rpz            { rpz;};
};