Hello We edit our zones manually (not through panel interface), is it possible to log DNS updates in this case? Logging is already enabled but we are unable to track the updated zones in the logs The enabled category on the authoritative Master DNS server are "xfer-in", "security", "network", "default", "config", "queries" and "update".
How can we enable the journal files in our case? Is there any impact on the DNS performance? Regards Daniel -----Original Message----- From: Tony Finch [mailto:d...@dotat.at] Sent: Tuesday, January 8, 2019 2:05 PM To: Daniel Dawalibi Cc: bind-users@lists.isc.org Subject: Re: BIND DNS Enable audit logs - Authoritative Importance: High Daniel Dawalibi <daniel.dawal...@idm.net.lb> wrote: > > Is it possible to enable the audit logs on BIND DNS so we can track > changes performed on the DNS records level (Add/Delete/Modify A,MX,NS,. records)? You can get that by default, depending on how the changes were performed. If you use `nsupdate` or some other dynamic DNS UPDATE client, `named` will log changes like this ... 08-Jan-2019 11:55:09.826 update: info: client @0x55b747f47ec0 ::1#5685/key local-ddns: updating zone 'private.cam.ac.uk/IN': adding an RR at 'private.cam.ac.uk' SOA primary.dns.cam.ac.uk. hostmaster.cam.ac.uk. 1546948509 1800 900 604800 3600 08-Jan-2019 11:55:09.826 update: info: client @0x55b747f47ec0 ::1#5685/key local-ddns: updating zone 'private.cam.ac.uk/IN': adding an RR at 'QQQQ.lcil.private.cam.ac.uk' A 172.22.QQ.QQ The changes are also recorded in the zone's journal, which you can extract like: $ named-journalprint /home/named/zone/private.cam.ac.uk.jnl [...] del private.cam.ac.uk. 3600 IN SOA primary.dns.cam.ac.uk. hostmaster.cam.ac.uk. 1546944908 1800 900 604800 3600 add private.cam.ac.uk. 3600 IN SOA primary.dns.cam.ac.uk. hostmaster.cam.ac.uk. 1546948509 1800 900 604800 3600 add QQQQ.lcil.private.cam.ac.uk. 3600 IN A 172.22.QQ.QQ You might want to use the `ixfr-from-differences` and `max-journal-size` options if you care about preserving journal contents. Alternatively, keep your zone contents in `git` or a database that keeps an audit log :-) Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Mull of Galloway to Mull of Kintyre including the Firth of Clyde and North Channel: Northwesterly 4 or 5, occasionally 6 at first in the North Channel, becoming variable 3 or less. Moderate, becoming smooth or slight. Occasional rain later. Good, occasionally moderate later. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
