Configure ISC BIND server logs
The Splunk Add-on for ISC BIND monitors the log files generated by the ISC BIND server. Configure logging channels for each of the following logs in the ISC BIND server configuration file (named.conf) on the ISC BIND server.
- notify.log
- network.log
- queries.log
- query-errors.log
- lame-servers.log
Configure logging channels by updating the logging section of /etc/named.conf as shown in the example.
logging {
channel default_channel {
file "/var/log/named/default.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel general_channel {
file "/var/log/named/general.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel notify_channel {
file "/var/log/named/notify.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel network_channel {
file "/var/log/named/network.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel queries_channel {
file "/var/log/named/queries.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel query-errors_channel {
file "/var/log/named/query-errors.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
channel lame-servers_channel {
file "/var/log/named/lame-servers.log";
print-time yes;
print-category yes;
print-severity yes;
severity dynamic;
};
category default { default_channel; };
category general { general_channel; };
category notify { notify_channel; };
category network { network_channel; };
category queries { queries_channel; };
category query-errors { query-errors_channel; };
category lame-servers { lame-servers_channel; };
};
Last modified on 21 July, 2021
| Install the Splunk Add-on for ISC BIND | Configure monitor inputs for the Splunk Add-on for ISC BIND |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Download manual
Feedback submitted, thanks!