I've been scouring the internet for an answer to this - being new to setting up DNS, I can't believe that there's not a clear option for this.
All I'm trying to do is have named write to a log each time it receives a request that it can't find and has to return NXDOMAIN. That's it. It seems like that shouldn't be hard.
named.conf:
logging {
    channel default_debug {
        file "data/named.run";
        severity debug 1;
    };
    channel errors {
        file "/var/log/named/query_errors.log";
        print-time yes;
        print-category yes;
        print-severity yes;
        severity debug 2;
    };
    category query-errors {
        errors;
    };
    category unmatched {
        errors;
    };
    channel queries {
        file "/var/log/named/queries.log";
        print-time yes;
        print-category yes;
        print-severity yes;
        severity debug 2;
    };
    category queries {
        queries;
    };
};
For some reason, the categories query-errors and unmatched don't log NXDOMAIN returns.
Does anyone know how I can do this with named and not some third party monitoring?
Update
I went through the documentation at:
http://ftp.isc.org/isc/bind9/cur/9.10/doc/arm/Bv9ARM.ch06.html#logging_statement
And then added every single logging Category to my named.conf, and dumped all of their output at debug level 3 to file. It was 1500 lines for 3 practice DNS requests. Not a single mention of NXDOMAIN or of a failed lookup being passed to the client.