All..
We have 2008 M$ dns servers (running M$ DNS ) and bind servers on Linux
We are looking to tweak the M$ servers down to the same "level" as
the bind servers.. if possible..
the bind logging statement
-----
category lame-servers { null; };
category resolver { null; };
category queries { log_requests; };
channel log_requests
{
file "/var/log/named/queries.log" versions 10 size 100m;
print-time yes;
print-category yes;
print-severity yes;
};
-----
So far, we have found the Microsoft KB198408 that says:
"The DNS server can generate a more detailed log than is practical to
include in the Windows NT event log. This includes everything from
simply including events excluded from the event log, to a summary of
every packet in and out of the server."
It looks like there is a registry tweak needed..
Value: LogLevel
Added: SP4 (April 98)
Type: DWORD (Bitfield)
Default: NoKey (Zero -- No logging)
Function: Determines level of logging to file (Dns.log).
#define DNS_LOG_LEVEL_ALL_PACKETS 0x0000ffff
#define DNS_LOG_LEVEL_NON_QUERY 0x000000fe
#define DNS_LOG_LEVEL_QUERY 0x00000001
#define DNS_LOG_LEVEL_NOTIFY 0x00000010
#define DNS_LOG_LEVEL_UPDATE 0x00000020
#define DNS_LOG_LEVEL_QUESTIONS 0x00000100
#define DNS_LOG_LEVEL_ANSWERS 0x00000200
#define DNS_LOG_LEVEL_SEND 0x00001000
#define DNS_LOG_LEVEL_RECV 0x00002000
#define DNS_LOG_LEVEL_UDP 0x00004000
#define DNS_LOG_LEVEL_TCP 0x00008000
#define DNS_LOG_LEVEL_DS_WRITE 0x00010000
#define DNS_LOG_LEVEL_DS_UPDATE 0x00020000
#define DNS_LOG_LEVEL_FULL_PACKETS 0x01000000
#define DNS_LOG_LEVEL_WRITE_THROUGH 0x80000000
We will continue to search but hoped there might be some help on the list..
VR
Charles
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
