Re: Debug Level Logs in BIND 9.18.16 Despite Debug Level Set to 0

I can't reproduce the issue. $ cat named.conf logging { channel named { file "named.log" versions 10 size 100M; severity dynamic; print-category yes; print-severity yes; print-time yes; }; category default { named; }; }; I've run nam

Re: Debug Level Logs in BIND 9.18.16 Despite Debug Level Set to 0

Hello All, Any help on this is much appreciated. Thanks Nagesh. On Tue, Jan 28, 2025 at 11:27 AM Nagesh Thati wrote: > Hi, > > Thank you for your prompt response. > > I configured the logging severity as dynamic to allow me to change the > severity level at any time using the rndc command. I hav

Re: Debug Level Logs in BIND 9.18.16 Despite Debug Level Set to 0

Hi, Thank you for your prompt response. I configured the logging severity as dynamic to allow me to change the severity level at any time using the rndc command. I have also reviewed the release notes for all versions released after BIND 9.18.16, but I did not find any bug fixes related to debug

Re: Debug Level Logs in BIND 9.18.16 Despite Debug Level Set to 0

I wonder…. What do you think that severity dynamic; does in your configuration file and why you have it configured? Have you read the documentation on the logging in the ARM? Also - don’t run old versions of BIND 9, you are almost 20 versions behind the latest 9.18 release, that’s year an half

Debug Level Logs in BIND 9.18.16 Despite Debug Level Set to 0

Dear Team, I am currently using BIND 9.18.16 and have encountered an issue where debug level 3, 5, and 99 logs are being recorded in the named.log, even though the debug level is explicitly set to 0. Could you confirm if there are any hardcoded logging configurations within BIND that might cause

Re: Finding dnssec validation failures in the logs

gt; 7%cloudflare.net > 9%. > 33% com > > It concerns me the SOA records I'm requesting are so often being rejected as > invalid. > > I have my suspicions of what's happening, but not enough information to form > a solid hypothesis or perform tests. I wa

Re: Finding dnssec validation failures in the logs

valid. I have my suspicions of what's happening, but not enough information to form a solid hypothesis or perform tests. I want higher confidence that I'm recognizing the important lines in the logs before I start casting stones. -- Do things because you should, not just because you

Re: Finding dnssec validation failures in the logs

John Thurston wrote: > On a resolver running ISC BIND 9.16.36 with "dnssec-validation auto;" I am > writing "category dnssec" to a log file  at "severity info;"  When I look in > the resulting log file, I'm guessing that lines like this: > validating com/SOA: got insecure respon

Re: Finding dnssec validation failures in the logs

I looked in logs of my resolver in my home network and see a similar message from January 6th: 06-Jan-2023 17:09:23.677 dnssec: info: validating in-addr.arpa/SOA: got insecure response; parent indicates it should be secure I interpret that to mean that someone’s DNS is misconfigured. I

Finding dnssec validation failures in the logs

On a resolver running ISC BIND 9.16.36 with "dnssec-validation auto;" I am writing "category dnssec" to a log file  at "severity info;"  When I look in the resulting log file, I'm guessing that lines like this: validating com/SOA: got insecure response; parent indicates it should be secure A

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

On 26-10-2022 20:21, PGNet Dev wrote: hi, If there are currently no keys that we have to check the DS for, then you may still see this log line. all my zones have now toggled rumoured -> omnipresent.  i took no explicit manual action other than letting an arbitrarily long-ish time pass. it

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

hi, If there are currently no keys that we have to check the DS for, then you may still see this log line. all my zones have now toggled rumoured -> omnipresent. i took no explicit manual action other than letting an arbitrarily long-ish time pass. it just happened ... eventually. re: your

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

is there a way to determine what data is being attempted to write to which file/location on disk? or, generally, any more detail about what "error occurred" ? It will be attempting to write into the key-directory for the zone as defined by named.conf. It will be creating a new file and then re

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

> On 17 Oct 2022, at 12:13, PGNet Dev wrote: > >> In addition to what Matthijs said, please make sure that all path components >> in /data/chroot/named/keys/dnssec/example.com/ need to >> have correct permissions, >> this is easy to get wrong. I've burnt on this too many

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

In addition to what Matthijs said, please make sure that all path components in /data/chroot/named/keys/dnssec/example.com/  need to have correct permissions, this is easy to get wrong. I've burnt on this too many times. Easiest way how to test is switching to the user that

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

Which parental-agent to use is up to you. Something you trust. for the moment, let's say 1.1.1.1 But if you don't have parental-agents set up, the list of keys to check will be empty. Hence the "not found" result. i added zone "example.com" IN { type master; file "/

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

Which parental-agent to use is up to you. Something you trust. You can also configure multiple, if so then all parental agents will perform the DS check and only if all parental agents agree (have seen the DS), BIND will set the DS as "seen published in the parent" and the rollover will contin

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

This is a log level bug. This log happens when BIND want to check the parental-agents if the DS has been published. But if you don't have parental-agents set up, the list of keys to check will be empty. Hence the "not found" result. Thanks for reporting, this will be fixed in the next release,

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

In addition to what Matthijs said, please make sure that all path components in /data/chroot/named/keys/dnssec/example.com/ need to have correct permissions, this is easy to get wrong. I've burnt on this too many times. Easiest way how to test is switching to the user that n

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

ecords are pushed to registrar->root, and all DNSSEC-analyzer tools online report all's good. i can see no functional problems. so far. that i'm aware of. but, in bind logs, locally, I see the following "zone_rekey:dns_zone_getdnsseckeys failed: not found" error, 2022-10-1

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

hi Think ownership, permission and things like SELinux, AppArmore depending on your OS. on this box, no SELinux or AppArmor in my named.conf directory "/namedb/production"; and for my domain's dnssec key-directory "/keys/dnssec/example.com"; pathnames are relative to chro

Re: new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

On 14-10-2022 15:26, PGNet Dev wrote: zone "example.com" IN { type master; file "/namedb/master/example.com.zone"; dnssec-policy "pgnd"; key-directory "/keys/dnssec/example.com"; update-policy { grant pgnd-external-rndc-key z

new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?

no functional problems. so far. that i'm aware of. but, in bind logs, locally, I see the following "zone_rekey:dns_zone_getdnsseckeys failed: not found" error, 2022-10-14T08:47:23.569556-04:00 ns named[14285]: 14-Oct-2022 08:47:23.568 dnssec: info: zone example.com

Re: Question regarding newsyslog.conf and Bind logs

On 2022-08-25 18:04, Greg Choules wrote: Hi again J. If I understand correctly, you want to enable querylog on a busy recursive server permanently, rotate the files once a day and don't care if you lose some logs because the number of queries on a busy day generates more data tha

Re: Question regarding newsyslog.conf and Bind logs

Hi again J. If I understand correctly, you want to enable querylog on a busy recursive server permanently, rotate the files once a day and don't care if you lose some logs because the number of queries on a busy day generates more data than the specified log file is allowed to contain

Re: Question regarding newsyslog.conf and Bind logs

On 2022-08-25 16:46, Richard T.A. Neal wrote: Hi J, I'm coming a little late to the party on this one and I think you might struggle to do rotation based on both date/time *and* file size, but I use logrotate to rotate all of my BIND logs daily, keeping 31 days of logs. And you'l

RE: Question regarding newsyslog.conf and Bind logs

J wrote: > I'm looking to have my: queries.log (which logs all the queries my Bind > 9.16.30 recursive resolver resolves), rotated at the end of the day and I'd > like to keep 7 days worth of those logs. {snip} > I still want any daily log *before* it's being r

Re: Question regarding newsyslog.conf and Bind logs

On 2022-08-25 04:52, Anand Buddhdev wrote: On 25/08/2022 05:23, J Doe wrote: Hello J Doe, I was wondering if anyone could provide feedback on whether the following: newsyslog.conf file is correct to allow for daily log rotation for my Bind 9.16.30 logs ? My currently logging settings in

Re: Question regarding newsyslog.conf and Bind logs

On 2022-08-25 03:05, Greg Choules wrote: Hello J What is it you're actually trying to achieve here? Cheers, Greg Hi Greg, I'm looking to have my: queries.log (which logs all the queries my Bind 9.16.30 recursive resolver resolves), rotated at the end of the day and I'd like

Re: Question regarding newsyslog.conf and Bind logs

On 25/08/2022 05:23, J Doe wrote: Hello J Doe, I was wondering if anyone could provide feedback on whether the following: newsyslog.conf file is correct to allow for daily log rotation for my Bind 9.16.30 logs ? My currently logging settings in: named.conf are:     ...     logging

Re: Question regarding newsyslog.conf and Bind logs

Hello J What is it you're actually trying to achieve here? Cheers, Greg On Thu, 25 Aug 2022 at 04:24, J Doe wrote: > Hello, > > I was wondering if anyone could provide feedback on whether the > following: newsyslog.conf file is correct to allow for daily log > rotation for

Question regarding newsyslog.conf and Bind logs

Hello, I was wondering if anyone could provide feedback on whether the following: newsyslog.conf file is correct to allow for daily log rotation for my Bind 9.16.30 logs ? My currently logging settings in: named.conf are: ... logging { channel chn_file_queries

Re: Logs full of "timed out resolving" entries

8.8.8.8 / 8.8.4.4 etc...) for other > queries. It "works" ok but I notice weird delays in web browsing clients > where the browser says "Resolving host...", hangs for a bit (noticeably, ~a > few seconds), then loads the whole page. > > In the server logs, I s

Logs full of "timed out resolving" entries

(noticeably, ~a few seconds), then loads the whole page. In the server logs, I see lots of messages like this one: Jun 16 17:21:04 wannabe named[6982]: timed out resolving ' > trafficmanager.net/DS/IN': 8.8.4.4#53 > Jun 16 17:21:05 wannabe named[6982]: timed out resolving

Re: BIND DNS Enable audit logs - Authoritative

> > On Jan 11, 2019, at 11:33 AM, Dave Warren wrote: > > On 2019-01-11 11:55, Kevin Darcy wrote: >> I don't believe there is any logging category for this, even when zones are >> enabled for Dynamic Update, in which case the versioning is done >> automatically. There used to be a "journalprint

Re: BIND DNS Enable audit logs - Authoritative

On 2019-01-11 11:55, Kevin Darcy wrote: I don't believe there is any logging category for this, even when zones are enabled for Dynamic Update, in which case the versioning is done automatically. There used to be a "journalprint" utility that one could run against the .jnl files to show the upd

Re: BIND DNS Enable audit logs - Authoritative

(not through panel interface), is it possible to > log DNS updates in this case? > Logging is already enabled but we are unable to track the updated zones in > the logs > The enabled category on the authoritative Master DNS server are "xfer-in", > "security", &qu

RE: BIND DNS Enable audit logs - Authoritative

Daniel Dawalibi wrote: > > We edit our zones manually (not through panel interface), is it possible to > log DNS updates in this case? I would recommend using version control: git, mercurial, subversion, even RCS is better than nothing! Best time to start is about 25 years ago; second best time i

RE: BIND DNS Enable audit logs - Authoritative

> We edit our zones manually .. *cringe* No wonder you are looking for audit logging! Yikes. Outside of DDI specific solutions like Infoblox or Bluecat, you might want to check out Webmin. It logs all changes made via it's interface: https://doxfer.webmin.com/Webmin/Webmin_Actions_L

RE: BIND DNS Enable audit logs - Authoritative

Hello We edit our zones manually (not through panel interface), is it possible to log DNS updates in this case? Logging is already enabled but we are unable to track the updated zones in the logs The enabled category on the authoritative Master DNS server are "xfer-in", "secu

Re: BIND DNS Enable audit logs - Authoritative

Daniel Dawalibi wrote: > > Is it possible to enable the audit logs on BIND DNS so we can track changes > performed on the DNS records level (Add/Delete/Modify A,MX,NS,. records)? You can get that by default, depending on how the changes were performed. If you use `nsupdate` or s

BIND DNS Enable audit logs - Authoritative

Hello Is it possible to enable the audit logs on BIND DNS so we can track changes performed on the DNS records level (Add/Delete/Modify A,MX,NS,. records)? Regards Daniel ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to

Re: Cannot get BIND logs to write to the correct file.

On Mon, 2 May 2016, Sean Son wrote: > I am trying to get BIND to write its logs to two files: > > /var/log/named/named.log > > and > > /var/log/named/dnsreqs.log > > > No matter what I do , the logs are still being written to > /var/named/data/named.run >

Cannot get BIND logs to write to the correct file.

Hello all I am trying to get BIND to write its logs to two files: /var/log/named/named.log and /var/log/named/dnsreqs.log No matter what I do , the logs are still being written to /var/named/data/named.run Here is the part of my named.conf which deals with logging: logging

Re: Multiple logs

ULOG and ulogd can log to libpcap format. kev, just for sure: do you want selectively logs requests only from particulas IP addresses? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto a

Re: Multiple logs

Am 27.12.2015 um 20:08 schrieb Matus UHLAR - fantomas: On 26.12.15 20:30, kev wrote: I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for.Thanks, Am 27.12.2015 um 18:07 schrieb Matus UHLAR - fantomas: I'd cho

Re: Multiple logs

On 26.12.15 20:30, kev wrote: I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for.Thanks, Am 27.12.2015 um 18:07 schrieb Matus UHLAR - fantomas: I'd choose logging at kernel level in iptables firewall. ULOG and

Re: Multiple logs

Am 27.12.2015 um 19:36 schrieb Matus UHLAR - fantomas: On 26.12.15 20:30, kev wrote: I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for.Thanks, Am 27.12.2015 um 18:07 schrieb Matus UHLAR - fantomas: I'd cho

Re: Multiple logs

#x27;s used with ulogd, the userspace logging daemon. learn the difference and don't comment before. besides you risk a self-DOS when not be very careful and bother a critical system layer with non critical stuff it hardly has the capability to write different logs for different IP's

Re: Multiple logs

ULOG and ulogd can log to libpcap format since when is iptables a logging tool? don't abuse it and it's "-j LOG" for such things besides you risk a self-DOS when not be very careful and bother a critical system layer with non critical stuff it hardly has the capability to

Re: Multiple logs

On 26.12.15 20:30, kev wrote: I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for.Thanks,  I'd choose logging at kernel level in iptables firewall. ULOG and ulogd can log to libpcap format. -- Matus UHLAR - fanto

RE: Multiple logs

@lists.isc.org Subject: Multiple logs I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for. Thanks, Sent via the Samsung Galaxy S® 6, an AT&T 4G LTE smartphone ___ Pl

Multiple logs

I am using bind9 with ubuntu 14.04. I was wondering how to log by indivudual IP. Ive googled it but didnt find what i was looking for.Thanks,  Sent via the Samsung Galaxy S® 6, an AT&T 4G LTE smartphone___ Please visit https://lists.isc.org/mailman/list

Re: shutting up logs

Am 15.05.2015 um 08:56 schrieb G.W. Haywood: Hi there, On Fri, 15 May 2015, Reindl Harald wrote: Am 15.05.2015 um 02:01 schrieb Nick Edwards: > skipping nameserver 'ns5.concord.org' because it is a CNAME, while > resolving '210.128-25.119.138.63.in-addr.arpa/PTR

Re: shutting up logs

Hi there, On Fri, 15 May 2015, Reindl Harald wrote: Am 15.05.2015 um 02:01 schrieb Nick Edwards: > skipping nameserver 'ns5.concord.org' because it is a CNAME, while > resolving '210.128-25.119.138.63.in-addr.arpa/PTR' > > I have logs grow by about 30 megs a d

Re: shutting up logs

broken and request that it be fixed / removed as it is causing operational issues as per RFC 1034. Mark In message , Nick Edwards writes: > skipping nameserver 'ns5.concord.org' because it is a CNAME, while > resolving '210.128-25.119.138.63.in-addr.arpa/PTR' > &

Re: shutting up logs

riginal Message- From: Reindl Harald Organization: the lounge interactive design Date: Thursday, May 14, 2015 at 8:44 PM To: "bind-users@lists.isc.org" Subject: Re: shutting up logs > > >Am 15.05.2015 um 02:01 schrieb Nick Edwards: >> skipping nameserver 'ns5.concord

Re: shutting up logs

Am 15.05.2015 um 02:01 schrieb Nick Edwards: skipping nameserver 'ns5.concord.org' because it is a CNAME, while resolving '210.128-25.119.138.63.in-addr.arpa/PTR' I have logs grow by about 30 megs a day with pretty much only this in it (of course not always same remo

shutting up logs

skipping nameserver 'ns5.concord.org' because it is a CNAME, while resolving '210.128-25.119.138.63.in-addr.arpa/PTR' I have logs grow by about 30 megs a day with pretty much only this in it (of course not always same remote server), how do I shut this up ? My logging st

Re: Is it possible to have separate query logs for different views?

ED MESSAGE- > > Hash: SHA512 > > > > On 3/9/15 3:04 AM, Peter Olsson wrote: > > > Hello! > > > > > > Is it possible to have separate query logs for different views? > > > > > > I tried putting this in the view block, but it failed with &q

Re: Is it possible to have separate query logs for different views?

--BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 3/9/15 3:04 AM, Peter Olsson wrote: > > Hello! > > > > Is it possible to have separate query logs for different views? > > > > I tried putting this in the view block, but it failed with "unknown > > opt

Re: Is it possible to have separate query logs for different views?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 3/9/15 3:04 AM, Peter Olsson wrote: > Hello! > > Is it possible to have separate query logs for different views? > > I tried putting this in the view block, but it failed with "unknown > option 'logging'"

Is it possible to have separate query logs for different views?

Hello! Is it possible to have separate query logs for different views? I tried putting this in the view block, but it failed with "unknown option 'logging'": logging { channel logging_query { file "/var/log/named/query-ins

Re: Logs problem with Bind 9.9.4

-Original Message- From: Reindl Harald Organization: the lounge interactive design Date: Friday, August 8, 2014 at 6:33 AM To: "bind-users@lists.isc.org" Subject: Re: Logs problem with Bind 9.9.4 >so if you have nothing to say go back from where you came abusive >why

Re: Logs problem with Bind 9.9.4

Am 08.08.2014 um 20:01 schrieb Warren Kumari: > [Intentional top post] > Moderator to the white courtesy phone please... > > Folk come to this list for discussions and advice on using BIND, not > for A: discussions of mailing list etiquette or B: pissing matches. so tell that Nick Edwards not me

Re: Logs problem with Bind 9.9.4

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 8/2/14 9:55 AM, Reindl Harald wrote: > jesus christ learn to use mailing-lists, stop to reply in private > and strip your qutes Constructive comments are welcome on bind-users. Criticism that does not further the discussion does not belong on the l

Re: Logs problem with Bind 9.9.4

[Intentional top post] Moderator to the white courtesy phone please... Folk come to this list for discussions and advice on using BIND, not for A: discussions of mailing list etiquette or B: pissing matches. W On Fri, Aug 8, 2014 at 6:33 AM, Reindl Harald wrote: > who do you think you are that

Re: Logs problem with Bind 9.9.4

who do you think you are that you believe you have to decide which sort of private mails i accept in case someone asks for help on a public list? it's not dictatorship to not like private respones excluding the list and refer to basic guidlines for using a mailing list the only offensive and abus

Re: Logs problem with Bind 9.9.4

gt; now your configuration block is working >> >> fine >> >> > I'm just wondering how to disable IPv6 logs??? >> >> what about show us what you are talking about? >> nobody but you knows what you see on your screen >> >>

Re: Logs problem with Bind 9.9.4

bugger off with your dictatorship do not bring it here like you take it every list you go to, well, those that you have not been kicked off of that is On 8/2/14, Reindl Harald wrote: > why do you reply off-list, in HTML and top-posting? > ___ Please vi

Re: Logs problem with Bind 9.9.4

sting? > > Am 02.08.2014 um 08:09 schrieb ahmed salim: > > the logging is (syslog) > > so you can filter in rsyslog.conf > https://www.google.at/search?q=rsyslog+filter+messages > > > now your configuration block is working > > fine

Re: Logs problem with Bind 9.9.4

how to disable IPv6 logs??? what about show us what you are talking about? nobody but you knows what you see on your screen http://www.catb.org/esr/faqs/smart-questions.html#beprecise > I tried is to disable it by editing "/etc/sysconfig/named" and make > (OPTIONS="-4"

Re: Logs problem with Bind 9.9.4

Am 01.08.2014 um 11:56 schrieb ahmed salim: > we recently installed Bind 9.9.4 on CentOS 7, and it's working properly. > the only problem that we have is the (logging), we can't stop logging. > First thing I tried is to disable IPv6 logs, by editing > "/etc/sysconf

Logs problem with Bind 9.9.4

Hi everybody we recently installed Bind 9.9.4 on CentOS 7, and it's working properly. the only problem that we have is the (logging), we can't stop logging. First thing I tried is to disable IPv6 logs, by editing "/etc/sysconfig/named" and make (OPTIONS="-4"), but tha

Re: What means -EDC in bind9 logs ?

Jean-François Leroux writes: > Hi, > must be a stupid question but I hadn't noticed before that some > queries in my server are labelled like that > > query IN A -ED (or EDC, or EC) > > What does this mean ? you'll find the documentation for query-log entries in the BIND Administra

Re: Error logs in bind resolving

On Dec 31, 2013, at 11:25 PM, Gaurav Kansal wrote: > Thanks Chris for your useful comments. > > On Dec 30, 2013, at 9:46 PM, Gaurav Kansal wrote: >>> I am getting the error message for lot of domains. >>> >>> Log of error entries are attached. >>> >> All the ones I checked were caused by

RE: Error logs in bind resolving

something else. As this DNS Server is running IPv6 only. Is it possible to configure bind so that error message should not be generated in logs file. They're logged as errors. I'm not sure I'd want to suppress these errors. Maybe your log service can be configured to filte

Re: Error logs in bind resolving

t; generated in logs file. They’re logged as errors. I’m not sure I’d want to suppress these errors. Maybe your log service can be configured to filter them out more specifically than what can be done with named’s own logging capability. Regards, Chris Buxton___

RE: Error logs in bind resolving

Hi Chris, Thanks for your response. I am getting the error message for lot of domains. Log of error entries are attached. Is it possible to configure bind so that error message should not be generated in logs file. Regards, Gaurav Kansal -Original Message- From

Re: Error logs in bind resolving

On Dec 30, 2013, at 2:29 AM, Gaurav Kansal wrote: > Dear All, > > In my bind server logs, I am getting too much error logs of below mentioned > type. > Can anyone pl. explain me why I am getting these logs and how to get rid of > those. > > Although when I am doing

Error logs in bind resolving

Dear All, In my bind server logs, I am getting too much error logs of below mentioned type. Can anyone pl. explain me why I am getting these logs and how to get rid of those. Although when I am doing dig for the domain (for which I am getting the error), I am getting the valid output

Re: NAMED LOGS

yones server for testing, or checking, with no hint of asking before doing so. Same basket as all the bots that read robots.txt then ignore it, because they can. This is becoming a bigger issue for many at present, especially when people like myself have limited bandwidth, though I check logs as

Re: NAMED LOGS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 2013-07-23 at 14:42 +1000, Mark Andrews wrote: > You just cost the rw adminstrators time and money investigation the > source of unexpected traffic. You cost everyone on the list some > time and money helping out the rw administrators. There

Re: NAMED LOGS

* Mark Andrews [2013-07-23 06:42]: >> The method is described here (Figure 4): >> http://homes.cs.washington.edu/~gribble/papers/king.pdf >> >> Using a delegation is a technical detail. It's not different than >> sending a query directly to the zone servers. > > Send queries for domains that the s

RE: NAMED LOGS

; dns...@vs.uni-due.de; bind-us...@isc.org Subject: Re: NAMED LOGS * Mark Andrews [2013-07-23 03:36]: > How do you do that with a broken delegation? Did you think to ask > before delegating a zone to a zone not configured for it? What > does your Chancellor think about using uninfor

Re: NAMED LOGS

In message <51ede640.8040...@uni-due.de>, =?ISO-8859-15?Q?Matth=E4us_Wander?= w rites: > * Mark Andrews [2013-07-23 03:36]: > > How do you do that with a broken delegation? Did you think to ask > > before delegating a zone to a zone not configured for it? What > > does your Chancellor think abo

Re: NAMED LOGS

* Mark Andrews [2013-07-23 03:36]: > How do you do that with a broken delegation? Did you think to ask > before delegating a zone to a zone not configured for it? What > does your Chancellor think about using uninformed third parties for > experiments like this? The method is described here (Fi

Re: NAMED LOGS

In message <51edcfad.5030...@uni-due.de>, =?ISO-8859-15?Q?Matth=E4us_Wander?= w rites: > > Hi, > > Grace Ingabire writes: > > > > Does anyone know what is going on here? As I can't understand why we do > > receive a lot of these messages in our logs

Re: NAMED LOGS

Hi, Grace Ingabire writes: > > Does anyone know what is going on here? As I can't understand why we do > receive a lot of these messages in our logs. > > Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query > (cache) 'www.minghui.org.s210.ip4.verte

Re: NAMED LOGS

have helped matters if you had given the address of the name server receiving the queries. Fortunately there was enough in the logs to determine that you are a server for ORG.RW (ns1.ricta.ORG.RW 41.74.173.250) which gave a set of IP address to check. Mark

Re: NAMED LOGS

> Date: Mon, 22 Jul 2013 14:21:51 +0200 From: "Grace Ingabire" Dear Team, Does anyone know what is going on here? As I can't understand why we do receive a lot of these messages in our logs. Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#4

Re: NAMED LOGS

On 07/22/13 20:21, Grace Ingabire wrote: Dear Team,   Does anyone know what is going on here? As I can’t understand why we do receive a lot of these messages in our logs.   Jul

Re: NAMED LOGS

stand why we do > receive a lot of these messages in our logs. > > ** ** > > Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query > (cache) 'www.minghui.org.s210.ip4.verteiltesysteme.net/A/IN' denied > > Jul 22 14:18:21 ns1 named[1

NAMED LOGS

Dear Team, Does anyone know what is going on here? As I can't understand why we do receive a lot of these messages in our logs. Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query (cache) 'www.minghui.org.s210.ip4.verteiltesysteme.net/A/IN' denied Jul

Re: open-source tool for filter out stats from dns logs

-Original Message- From: Jeff Wright Date: Thursday, January 3, 2013 8:41 AM To: "bind-users@lists.isc.org" Subject: Re: open-source tool for filter out stats from dns logs >There might be some tools already out there (like Splunk) that do this >for you. I think yo

Re: open-source tool for filter out stats from dns logs

There might be some tools already out there (like Splunk) that do this for you. I think you can get a free Splunk license if you parse relatively small amounts of daily data. If you're particularly concerned about open-source, this thread might also help: http://stackoverflow.com/questions/183977

Re: open-source tool for filter out stats from dns logs

Have you looked at DSC? http://dns.measurement-factory.com/tools/dsc/ It doesn't parse logs, but reads actual packet traces, and it reports many good statistics, with nice colored graphs. cv On Sat, Dec 29, 2012 at 11:56 AM, Gaurav Kansal wrote: > Dear Team, > > > > I

RE: open-source tool for filter out stats from dns logs

unique IP address for DNS queries from query log. my @val; my $i=0; #Read previously read IPs from file. open (iplog, "/tmp/out_log") or die "File doesn't exists"; while (my $ips = ) { push (@ip_addr, $ips); } close(iplog); while ($i <20) { open (OUT_LOG, 

Re: open-source tool for filter out stats from dns logs

I looked for one a while back and couldn't find any good ones. All the ones I saw simply used the named.stats file, which wasn't enough. I ended up exporting all query logs to a backend server and coding a script that imported the queries into MySQL, which I then accessed with a php

open-source tool for filter out stats from dns logs

Dear Team, I want to collect some stats (such as most which zone has queried most, which DNS Server queries us most and so on) based on my DNS Logs. Is there any open-source tool available to filter out these statistics using my dns logs. Thanks and Regards, Gaurav Kansal Mob

  1   2   >