我遇到了一个问题,日志文件没有在记录的信息中记录解析后的 IP 地址。如何启用此功能?因此,URL 和解析后的 IP 地址应该在日志文件中。以下是代码:
Configuration:
logging {
channel query_log {
file "/var/log/named/query.log";
severity info;
};
category queries { query_log; };
当前日志文件:
04-Nov-2015 08:28:39.261 queries: info: client 192.168.169.122#59319: query: istatic.eshopcomp.com IN A + (10.10.80.50)
04-Nov-2015 08:28:39.269 queries: info: client 192.168.212.136#48872: query: idsync.rlcdn.com IN A + (10.10.80.50)
04-Nov-2015 08:28:39.269 queries: info: client 192.168.19.61#53970: query: 3-courier.sandbox.push.apple.com IN A + (10.10.80.50)
04-Nov-2015 08:28:39.270 queries: info: client 192.168.169.122#59319: query: ajax.googleapis.com IN A + (10.10.80.50) 04-Nov-2015 08:28:39.272 queries: info: client 192.168.251.24#37028: query: um.simpli.fi IN A + (10.10.80.50)
04-Nov-2015 08:28:39.272 queries: info: client 192.168.251.24#37028: query: www.wtp101.com IN A + (10.10.80.50) 04-Nov-2015 08:28:39.273 queries: info: client 192.168.251.24#37028: query: magnetic.t.domdex.com IN A + (10.10.80.50)
04-Nov-2015 08:28:39.273 queries: info: client 172.25.111.175#59612: query: api.smoot.apple.com IN A + (10.10.80.50)
04-Nov-2015 08:28:39.275 queries: info: client 192.168.7.181#45913: query: www.miniclip.com IN A + (10.10.80.50)
所需日志文件:
.... istatic.eshopcomp.com 205.185.208.26 ....
.... idsync.rlcdn.com 54.84.163.33 ....
.... 3-courier.sandbox.push.apple.com 17.172.232.11 ....
.... ajax.googleapis.com 216.58.223.42 ....
.... um.simpli.fi 158.85.41.203 ....
.... www.wtp101.com 52.70.95.71 ....
.... magnetic.t.domdex.com 54.217.251.207 ....
.... api.smoot.apple.com 17.252.91.246 ....
.... www.miniclip.com 54.230.231.23 ....
我们将非常感谢您的帮助。
答案1
如果您实际上是权威来源,则以下配置应该可以使用:
Configuration: logging { channel query_log { file "/var/log/named/query.log"; severity info; print-time yes; print-severity yes; print-category yes; }; category queries { query_log; };
但是,您不是 ISP 或域服务。您可能没有权威性,您自己也不管理这些记录。除非您在绑定数据库中手动输入覆盖,否则您的本地绑定似乎不想参与记录其他人的响应(如果可以的话)。