是否可以停止记录特定的 BIND 日志消息?

tag-icon tag-icon ubuntu logs bind tuning
是否可以停止记录特定的 BIND 日志消息?

我设置了一个 BIND DNS 服务器和一个 munin 监控系统,该系统也配置为监控 BIND。操作系统是Ubuntu Server 12.04.4,附带的BIND版本是9.8.1-P1

Munin 每 5 分钟运行一次,并执行绑定命令rndc stats,该命令向我的绑定日志文件发送以下消息:

29-May-2014 01:30:04.070 general: info: received control channel command 'stats'
29-May-2014 01:30:04.073 general: info: dumpstats complete
29-May-2014 01:30:04.150 general: info: received control channel command 'stats'
29-May-2014 01:30:04.150 general: info: dumpstats complete
29-May-2014 01:35:03.112 general: info: received control channel command 'stats'
29-May-2014 01:35:03.112 general: info: dumpstats complete
29-May-2014 01:35:03.229 general: info: received control channel command 'stats'
29-May-2014 01:35:03.230 general: info: dumpstats complete
29-May-2014 01:40:03.183 general: info: received control channel command 'stats'
29-May-2014 01:40:03.185 general: info: dumpstats complete
29-May-2014 01:40:03.348 general: info: received control channel command 'stats'
29-May-2014 01:40:03.348 general: info: dumpstats complete

有什么方法可以细粒度 BIND 日志记录并仅排除此消息吗?

请注意,我不想降低general日志消息的严重性,而只想禁用/排除这条确实淹没了我的日志文件的特定消息。

以下是我当前的日志记录配置:

logging {
        // reduce log verbosity on issues outside our control
        category lame-servers { null; };

        // Use "severity dynamic" for debugging
        channel b_default_log {
                file "/var/log/named/bind.log" versions 30 size 1m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity info;
        };

        channel b_resolver_log {
                file "/var/log/named/resolver.log" versions 5 size 1m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity dynamic;
        };

        channel b_config_log {
                file "/var/log/named/config.log" versions 5 size 1m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity dynamic;
        };

        channel b_edns_disabled_log {
                file "/var/log/named/edns_disabled.log" versions 5 size 1m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity dynamic;
        };

        // The query.log is needed for munin monitoring
        channel b_query_log {
                file "/var/log/named/query.log" versions 20 size 10m;
                print-time yes;
                severity info;
        };

        category default { b_default_log; };
        category resolver { b_resolver_log; };
        category config { b_config_log; };
        category queries { b_query_log; };
        category edns-disabled { b_edns_disabled_log; };
};

答案1

您可以使用日志守护程序过滤掉消息。

例如,将其添加到 /etc/rsyslog.conf

# Suppress certain Bind messages
:msg, contains, "received control channel command"  ~
:msg, contains, "dumpstats complete"                ~

波形符 (~) 防止该行出现在日志文件中。

相关内容