Man Linux: Main Page and Category List

NAME

       bind8_query2dlf - convert BIND8 querylogs to dlf

SYNOPSIS

       bind8_query2dlf

DESCRIPTION

       This script converts each line in a bind8 querylog to a dns dlf record.

       BIND generates these logs when something like

        logging {
            channel query_logging {
                file "/var/log/named_querylog"
                versions 3 size 100M;
                print-time yes;                 // timestamp log entries
             };

             category queries {
                 query_logging;
             };
        };

       is in bind’s named.conf.  This will save up to three logfiles of
       maximum 100 megabytes in the directory /var/log.

       These logfiles look like:

        10-Apr-2000 00:01:20.307 XX /10.2.3.4/1.2.3.in-addr.arpa/SOA/IN
        10-Apr-2000 00:01:20.308 XX+/10.4.3.2/host.foo.com/A/IN

EXAMPLES

       To process a log as produced by bind8:

        $ bind8_query2dlf < dns-query

       bind8_query2dlf will be rarely used on its own, but is more likely
       called by lr_log2report:

        $ lr_log2report bind8_query < /var/log/dns-query

SEE ALSO

       http://www.logreport.org/doc/gen/dns/bind8.php

       bind9_query2dlf(1)

VERSION

       $Id: bind8_query2dlf.in,v 1.6 2006/07/23 13:16:33 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2000-2001 Stichting LogReport Foundation
       LogReport@LogReport.org

       This program is free software; you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published by the
       Free Software Foundation; either version 2 of the License, or (at your
       option) any later version.

       This program is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
       General Public License for more details.

       You should have received a copy of the GNU General Public License along
       with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

AUTHOR

       Edwin Groothuis, now maintained by Joost van Baal