BIND 9 logging configuration template
Table of Contents
1 Logging configuration template for an authoritative BIND 9 server
logging {
channel named { file "named.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-category yes; print-severity yes; };
channel security { file "security.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel ratelimit { file "ratelimit.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel query_log { file "query.log" versions 10 size 20M; severity debug; print-time iso8601-utc; print-severity yes; };
channel xfer { file "transfer.log" versions 10 size 10M; severity info; print-time iso8601-utc; print-severity yes; };
channel update { file "update.log" versions 10 size 10M; severity info; print-time iso8601-utc; print-severity yes; };
category default { default_syslog; named; };
category general { default_syslog; named; };
category security { security; };
category queries { query_log; };
category config { default_syslog; named; };
category network { default_syslog; named; };
category rate-limit { ratelimit; };
category xfer-in { default_syslog; xfer; };
category xfer-out { default_syslog; xfer; };
category notify { default_syslog; xfer; };
category update { default_syslog; update; };
category update-security { default_syslog; update; };
category zoneload { default_syslog; named; };
};
2 Logging configuration template for an BIND 9 resolver
logging {
channel named { file "named.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-category yes; print-severity yes;};
channel security { file "security.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel dnssec { file "dnssec.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel resolver { file "resolver.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel query_log { file "query.log" versions 10 size 80M; severity debug; print-time iso8601-utc; print-severity yes; };
channel query-error { file "query-errors.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel lame_servers { file "lame-servers.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel capacity { file "capacity.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
channel rpz { file "rpz.log" versions 10 size 20M; severity info; print-time iso8601-utc; print-severity yes; };
category default { default_syslog; named; };
category general { default_syslog; named; };
category security { security; };
category queries { query_log; };
category lame-servers { lame_servers;};
category dnssec { dnssec; };
category edns-disabled { default_syslog; };
category config { default_syslog; named; };
category resolver { resolver; };
category edns-disabled { resolver; };
category cname { resolver; };
category serve-stale { resolver; };
category spill { capacity; };
category rate-limit { capacity; };
category database { capacity; };
category client { default_syslog; named; };
category network { default_syslog; named; };
category dnstap { dnstap;};
category unmatched { named; };
category network { named; };
category delegation-only { named;};
category dispatch { named; };
category trust-anchor-telemetry { named; };
category rpz { rpz;};
};