Thank you Brian... The host was a typo, they are the same host.
The output from journalctl is more confusing to me and imho the crux of the
problem.
Why is journalctl showing 2 log entries 1 for pdns_server and one for pdns
(both with the same pid).
journalctl -u pdns --no-pager | tail -2
Sep 14 10:49:01 xxxxxx-209 pdns[103973]: AXFR of domain 'foo.bar.com' to
1.2.3.4 finished
Sep 14 10:49:01 xxxxxx-209 pdns_server[103973]: AXFR of domain 'foo.bar.com' to
1.2.3.4 finished
I would not think that would be an rsyslog issue.
From: b.cand...@pobox.com At: 09/14/23 10:44:05 UTC-4:00To: Ian Goldstein
(BLOOMBERG/ 120 PARK ) , pdns-users@mailman.powerdns.com
Subject: Re: [Pdns-users] Logging to /var/log/messages
On 14/09/2023 15:32, Ian Goldstein (BLOOMBERG/ 120 PARK) wrote:
The log entry that appears in my pdns.log is:
Sep 14 09:07:52 xxxxxx-232 pdns[1380]: AXFR of domain
'foo.bar.com' to 1.2.3.4 finished
The entry that appears in /var/log/messages:
Sep 14 09:26:30 xxxxxx-209 pdns_server: AXFR of domain
'foo.bar.com' initiated by 1.2.3.4
also, the output from journalctl shows 2 entries
Sep 14 10:22:41 xxxxxx-209 pdns_server[98865]: AXFR of
domain 'foo.bar.com' to 1.2.3.4finished
Sep 14 10:22:41 xxxxxx-209 pdns[98865]: AXFR of domain
'foo.bar.com' to 1.2.3.4 finished
xxxxxx-232 and xxxxxx-209 appear to be two different hostnames, and you
might want to check why one is running "pdns", one is running
"pdns_server", and some logs show the PID and some don't. Basically
those logs are too obfuscated to be meaningful.
journalctl is going to show the logs which are coming directly from
powerdns on stdout/stderr.
Apart from that, I think you'd be better off asking your question on an
rsyslog mailing list, since powerdns has no control over how rsyslog
processes or writes logs.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
