Hi Darren, On 5/7/19 12:09 AM, Darren S. via Unbound-users wrote: > Is there a simple way in Unbound to output a query log for each client > query to the resolver? Looking for: > > - All cache hits > - All cache misses > - Inclusion of client IP address and query source port > > Was looking at `verbosity` option but understood it to indicate that > only level 5 logs client info, and only cache misses in that case. I > have a very low volume deployment and the overhead of query logging > shouldn't be an issue, but it would be ideal if we didn't have to deal > with level 5 logging in the output. > > Hoping to avoid dnstap for now as would prefer to stay with native OS > package and no additional dependencies.
Yes this feature exists already. In fact a number of config statements. The shortest is log-queries: yes in unbound.conf. log-queries: yes prints that information. log-replies: yes prints in addition the reply in a short form. log-tag-queryreply: yes prints the tags "query" and "reply" instead of "info" that the above two log. log-local-actions: yes prints local zone activity (but that is not what you asked for). log-servfail: yes prints why servfail was returned to clients. log-time-ascii: yes prints the timestamp in readable format instead of epoch. val-log-level: 2 logs DNSSEC validation failures to log (but may also be included in log-servfail). Best regards, Wouter > > -- > Darren Spruell > [email protected] >
signature.asc
Description: OpenPGP digital signature
