rhel5中配置DNS服务器的日志

默认named的日志功能是关闭的,可以使用rndc status查看,如下所示:
   #rndc status
   number of zones: 8
   debug level: 0
   xfers running: 0
   xfers deferred: 0
   soa queries in progress: 0
query logging is OFF
   recursive clients: 0/1000
   tcp clients: 0/100
   使用rndc querylog开启named的日志功能,如下所示:
   #rndc querylog
   #rndc status
   number of zones: 8
   debug level: 0
   xfers running: 0
   xfers deferred: 0
   soa queries in progress: 0
query logging is ON
   recursive clients: 0/1000
   tcp clients: 0/100
   server is up and running
   下来在/var/named/chroot/var/named目录下创建一个named.log文件名,这个文件名字随便叫,创建完了后设置权限,如下所示:
   #chown named.named /var/named/chroot/var/named/named.log
   #chmod 755 /var/named/chroot/var/named/named.log
   如果你开启了selinux还要设置相应权限,如果selinux状态为enforcing,你做如下设置,系统会提示named没有权限访问named.log文件,不论我做怎样修改,还是提示无权限,最后我把selinux状态改为permissive状态,named的相关信息写入了named.log文件,但是selinux还是会警告用restorecon -v "./named.log"修改该文件的权限,我使用了restorecon命令后,哪个警告信息还是会出现的,怎么解决这个以后再说,如果你有好的建议,请说明一下。结果是如下所示:
   #chcon -u system_u named.log
   到此这个文件的相关设置就完成了,下来配置/etc/named.conf文件,在此文件里加入以下内容:
   logging {
        channel default_syslog { syslog local2; severity error; };
        channel audit_log {
                file "named.log" versions 3 size 20m;
                severity info;
                print-time yes;
                print-category  yes;
        };
        category default { audit_log; };
        category general { audit_log; };
        category security { audit_log; default_syslog; };
        category config { default_syslog; };
        category resolver { audit_log; };
        category xfer-in { audit_log; };
        category xfer-out { audit_log; };
        category notify { audit_log; };
        category client { audit_log; };
        category network { audit_log; };
        category update { audit_log; };
        category queries { audit_log; };
        category lame-servers { audit_log; };
   };
   重启你的named进程,以后你的dns相关信息就会出现这个文件里!

本文出自 “candon123” 博客,转载请与作者联系!

你可能感兴趣的:(日志,服务器,职场,dns,休闲)