Re: logging query results

2008-12-03 Thread Sam Wilson
In article <[EMAIL PROTECTED]>, Mark Andrews <[EMAIL PROTECTED]> wrote: > Disk i/o is just glacially slow when compared to network > i/o. To get disk logging up to network speeds you need to > throw away a lot of it. Which suggests that having filtering built into the logging

Re: logging query results

2008-12-02 Thread wes
On Tue, Dec 2, 2008 at 4:28 PM, Kevin Darcy <[EMAIL PROTECTED]> wrote: > Bill Larson wrote: > >> JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> said: >> >> >> >>> At Fri, 28 Nov 2008 10:08:34 -0800, >>> wes <[EMAIL PROTECTED]> wrote: >>> >>> >>> I would like to know if it's possible to log the outp

Re: logging query results

2008-12-02 Thread Mark Andrews
Disk i/o is just glacially slow when compared to network i/o. To get disk logging up to network speeds you need to throw away a lot of it. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET

Re: logging query results

2008-12-02 Thread Kevin Darcy
n Darcy <[EMAIL PROTECTED]> wrote: From: Kevin Darcy <[EMAIL PROTECTED]> Subject: Re: logging query results To: [EMAIL PROTECTED] Date: Wednesday, December 3, 2008, 1:28 PM Bill Larson wrote: JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> said: At F

Re: logging query results

2008-12-02 Thread ivan jr sy
's roadmap, querylog optimization. fyi on that.. --- On Wed, 12/3/08, Kevin Darcy <[EMAIL PROTECTED]> wrote: > From: Kevin Darcy <[EMAIL PROTECTED]> > Subject: Re: logging query results > To: [EMAIL PROTECTED] > Date: Wednesday, December 3, 2008, 1:28 PM > Bill Larson

Re: logging query results

2008-12-02 Thread Kevin Darcy
Bill Larson wrote: JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> said: At Fri, 28 Nov 2008 10:08:34 -0800, wes <[EMAIL PROTECTED]> wrote: I would like to know if it's possible to log the output of each dns query. Do you mean the response to each query by "outpu

Re: logging query results

2008-12-02 Thread Chris Buxton
On Tue, 2008-12-02 at 15:55 -0700, Bill Larson wrote: > Query logging is a great idea, but OARC has already produced a very > functional "dnscap" which will capture all DNS traffic, queries and > responses, incoming and outgoing. Maybe this type of logging functionality > could be better relega

Re: logging query results

2008-12-02 Thread JINMEI Tatuya / 神明達哉
At Tue, 2 Dec 2008 15:55:45 MST, "Bill Larson" <[EMAIL PROTECTED]> wrote: > Adding functionality for the purpose of better operations is one thing. > Including the capability of performing zone transfers inside BIND was a great > addition rather than having a separate "named-xfer" tool. Th

Re: logging query results

2008-12-02 Thread Bill Larson
JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> said: > At Fri, 28 Nov 2008 10:08:34 -0800, > wes <[EMAIL PROTECTED]> wrote: > > > I would like to know if it's possible to log the output of each dns query. > > Do you mean the response to each query by "output"? > > If so, there's

Re: logging query results

2008-12-02 Thread wes
On Tue, Dec 2, 2008 at 2:09 PM, JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> wrote: > At Fri, 28 Nov 2008 10:08:34 -0800, > wes <[EMAIL PROTECTED]> wrote: > > > I would like to know if it's possible to log the output of each dns > query. > > Do you mean the response to each query by "output"? > > If so

Re: logging query results

2008-12-02 Thread JINMEI Tatuya / 神明達哉
At Fri, 28 Nov 2008 10:08:34 -0800, wes <[EMAIL PROTECTED]> wrote: > I would like to know if it's possible to log the output of each dns query. Do you mean the response to each query by "output"? If so, there's currently no such log messages regardless of log level. We may implement it in the f

Re: logging query results

2008-12-01 Thread wes
On Mon, Dec 1, 2008 at 12:32 PM, Jeremy C. Reed <[EMAIL PROTECTED]> wrote: > On Mon, 1 Dec 2008, wes wrote: > > > The result I'm looking for is "10.1.1.44" and this string does not > appear in > > any of the logs at all. > > Search for 10.in-addr.arpa. instead. > Ok, I did that, but it only appea

Re: logging query results

2008-12-01 Thread Jeremy C. Reed
On Mon, 1 Dec 2008, wes wrote: > The result I'm looking for is "10.1.1.44" and this string does not appear in > any of the logs at all. Search for 10.in-addr.arpa. instead.

Re: logging query results

2008-12-01 Thread wes
I am still having this issue. Here is my current configuration: logging { channel log { file "/var/log/named/named.log" versions 10 size 100m; severity debug ; print-time yes; print-severity yes; print-category yes; }; cate

Re: logging query results

2008-11-28 Thread wes
Good point, I had only used rndc reload to activate the changes to the conf file. The changes definitely took effect at that point, as I could then see all the debug messages in the log. But, I tried a stop && start (had to use /etc/init.d/bind9 because rndc doesn't have a start command for some re

Re: logging query results

2008-11-28 Thread wes
nscap -m q -e y -c 100 -w /path/file > > captures: > - queries only > - errors only > - after 100 packets where conditions are met > - write it to a file.. > > > Enjoy! > > --- On Sat, 11/29/08, ivan jr sy <[EMAIL PROTECTED]> wrote: > > > From: iva

Re: logging query results

2008-11-28 Thread wes
thanks for the info. I do indeed see tons and tons of messages from named. I even see the query itself (what people are asking for). Just not the result. It seems like I get everything except the result. -wes On Fri, Nov 28, 2008 at 10:56 AM, ivan jr sy <[EMAIL PROTECTED]> wrote: > looks like an

Re: logging query results

2008-11-28 Thread ivan jr sy
van jr sy <[EMAIL PROTECTED]> > Subject: Re: logging query results > To: bind-users@lists.isc.org, "wes" <[EMAIL PROTECTED]> > Date: Saturday, November 29, 2008, 7:56 AM > looks like an OK config for me. > - you should be able to view the name being queried and >

Re: logging query results

2008-11-28 Thread ivan jr sy
looks like an OK config for me. - you should be able to view the name being queried and from what source IP - debug10 = view the actual query (similar to dig) so you can grep the NXDOMAIN or the ANSWER are you able to view the log file? did it log the start-up processes of BIND? you should be abl