BIND does not log DNS queries by default. If you want to log DNS queries, you will need to add code similar to the following to
named.conf:
logging {
channel query_logging {
file "/var/log/named_querylog"
versions 3 size 100M;
print-time yes; // timestamp log entries
};
category queries {
query_logging;
};
};To have the change take effect, you need to kill the named
process and restart it , e.g. kill `cat path_to/named.pid`
followed by /usr/sbin/in.named to restart the
service. You should then be able to view the log of DNS queries.
# cat /var/log/named_querylog 11-May-2009 17:00:34.885 XX /127.0.0.1/inbound.broadbandsupport.net/A 11-May-2009 17:00:36.097 XX /192.168.1.3/cisco.com/A 11-May-2009 17:00:39.883 XX /127.0.0.1/inbound.broadbandsupport.net/A #
[ More Info ]
