Log File Redirection (124 Views)
Frequent Advisor
Posts: 81
Registered: ‎10-30-2000
Message 1 of 10 (124 Views)

Log File Redirection

Hi,

In our DNS Server running HPUX 11.00,
all DNS logs are getting appended to
/var/adm/syslog/syslog.log file.

We would like to redirect these DNS logs to
a separate file for easy administration.

Can anyone tell me the procedure to achieve this?

Thanks in Advance,

Roobala

Honored Contributor
Posts: 1,453
Registered: ‎04-04-2001
Message 2 of 10 (124 Views)

Re: Log File Redirection

Hi

Should you wish to disable the syslog entries, perform the following:

1. install DNS patch or replacement.
[PHNE_20618/PACHRDME/English] : s700_800 10.X BIND 4.9.7 components
2. run named command with -X option.
# named -X
* To set option in boot file,
# vi /etc/rc.config.d/namesvrs
love computers
Honored Contributor
Posts: 3,242
Registered: ‎07-21-1998
Message 3 of 10 (124 Views)

Re: Log File Redirection

Hi

Why not extract these entries from the syslog.log file?

e.g.

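# Extract DNS info
grep dns /var/adm/syslog/syslog.log >> /tmp/DNS.log

# Clean the syslog.log: filter into a temporary file, then copy it back
# (appending to the file while it is being read never removes the dns lines)
grep -v dns /var/adm/syslog/syslog.log > /var/adm/syslog/syslog.tmp &&
cat /var/adm/syslog/syslog.tmp > /var/adm/syslog/syslog.log

Ensure that the grep "dns" extracts the info you require.

This can either be cronned or menu driven.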

HTH

Paula

cat /var/adm/syslog
If you can spell SysAdmin then you is one - anon
Honored Contributor
Posts: 3,242
Registered: ‎07-21-1998
Message 4 of 10 (124 Views)

Re: Log File Redirection

Hi

Please ignore the "cat /var/adm/syslog ".

I do not know where it came from

;-)

Paula
If you can spell SysAdmin then you is one - anon
Honored Contributor
Posts: 1,353
Registered: ‎03-20-2001
Message 5 of 10 (124 Views)

Re: Log File Redirection

Edit /etc/syslog.conf.
Frequent Advisor
Posts: 81
Registered: ‎10-30-2000
Message 6 of 10 (124 Views)

Re: Log File Redirection

Hi All

I wanted to have a separate log file for DNS logs, and let all the remaining logs stay in syslog.log itself.

I want the same to get appended automatically by the system.

If it can be done by editing /etc/syslog.conf... how?
Can anyone tell me how to configure syslog for this requirement?

Thanks in Advance
Roobala
Honored Contributor
Posts: 1,453
Registered: ‎04-04-2001
Message 7 of 10 (124 Views)

Re: Log File Redirection

Hi

If you want, you can disable all the debugging options of the DNS with the command /usr/sbin/sig_named.

Here is the link to see the doc:
http://www.docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90147/B2355-90147_top...

It will also be a big help if you give us details about the message that you are getting in the syslog, but I think that sig_named will help (the ip is level 2).
love computers
Honored Contributor
Posts: 1,343
Registered: ‎12-17-1998
Message 8 of 10 (124 Views)

Re: Log File Redirection

You want to do this with /etc/syslog.conf
Best bet is to read the man pages thoroughly.
I use a separate log, which you can define in /etc/syslog.conf on mail servers for mail logs, dns entries for DNS servers, etc...

Remember that you will have to edit the startup script /sbin/init.d/syslog to rotate any new logs.

I cannot believe that people so quickly want to delete everything! Don't listen to the lazy people who don't want to know about their systems! Especially with all of the BIND vulnerabilities, it is good to know who is using your servers, and for what. If you blind yourself by removing the INFO, you're more prone to be susceptible to an attack/hack/DOS, etc...

Regards,
Shannon
Microsoft. When do you want a virus today?
Esteemed Contributor
Posts: 273
Registered: ‎02-04-2001
Message 9 of 10 (124 Views)

Re: Log File Redirection

Hi,

Which version of BIND do you use? With BIND 8/9 you can use the "logging", "channel" and "category" directives to configure logging channels.
For the "category default" you can then use your own file channel instead of the syslog channel that BIND normally uses.

HTH,

Vincent
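
The BIND 8/9 approach described in the post above, as an added example that is not part of the original thread: a named.conf logging stanza that sends the default category to its own file channel. The channel name dns_file and the path /var/adm/syslog/named.log are assumptions; security messages are additionally kept in syslog so the central record is not lost.

```conf
// named.conf (BIND 8/9) - added example, not from the original thread.
// Channel name "dns_file" and the log path are assumed values.
logging {
    // File channel: named writes here itself, bypassing syslogd.
    channel dns_file {
        // Keep 5 old copies and roll the file when it reaches 10 MB,
        // so no change to the system log rotation is needed.
        file "/var/adm/syslog/named.log" versions 5 size 10m;
        severity info;          // info and above; debug output excluded
        print-time yes;         // timestamp each entry
        print-severity yes;
        print-category yes;
    };

    // Everything without an explicit category goes to the file only,
    // which stops named entries from filling syslog.log.
    category default { dns_file; };

    // Security-relevant messages (denied requests) go to the file and
    // stay in syslog through the built-in default_syslog channel.
    category security { dns_file; default_syslog; };
};
```

The file must be writable by the user named runs as, and named has to reload its configuration before the new channels take effect.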
Respected Contributor
Posts: 215
Registered: ‎07-06-2000
Message 10 of 10 (124 Views)

Re: Log File Redirection


Not just a response but another question.

QUESTION :
I know it's possible to separate some types of
logs: kern, mail, daemon,... But it's defined
by /usr/include/syslog.h and there is nothing
about named (dns)! DNS is a part of the daemon
class, so how to separate dns from other daemons?

CONTRIB :
To extract information from syslog you can
see that lines about named already contain
"named" so you can use :

grep named /var/adm/syslog/syslog.log

to do that.

Bye,

Herve