Adding logging for Bind

diff --git a/bind/conf.sls b/bind/conf.sls
index 7eb9da33dd447ed784e9cf2ad21abd7575e0459c..694c1d6c9fb1c1bbb1cbb328b5287fbd5c1de16e 100644 (file)
--- a/bind/conf.sls
+++ b/bind/conf.sls
@@ -9,3 +9,19 @@
     - backup: minion
     - require:
       - file: /etc/bind
+
+/etc/bind/named-log.conf:
+  file.managed:
+    - source: salt://bind/files/named-log.conf
+    - user: root
+    - group: root
+    - mode: 644
+    - template: jinja
+    - backup: minion
+    - require:
+      - file: /etc/bind
+      - file: /var/log/bind
+
+
+
+# vim: filetype=sls

diff --git a/bind/dirs.sls b/bind/dirs.sls
index 152cfcc9c3f078e8e0d4d54d4fc137dee5b47455..bab58c880b07060fd55c734d91335376af5b182b 100644 (file)
--- a/bind/dirs.sls
+++ b/bind/dirs.sls
@@ -35,6 +35,17 @@
       - group: bind-group
       - user: bind-user
 
+/var/log/bind/.old:
+  file.directory:
+    - user: bind
+    - group: bind
+    - dir_mode: 755
+    - makedirs: True
+    - require:
+      - group: bind-group
+      - user: bind-user
+      - file: /var/log/bind
+
 /etc/bind/dnssec:
   file.directory:
     - user: root

diff --git a/bind/files/named-log.conf b/bind/files/named-log.conf
new file mode 100644 (file)
index 0000000..70a0b92
--- /dev/null
+++ b/bind/files/named-log.conf
@@ -0,0 +1,87 @@
+//###############################################################
+//# Bind9-Konfigurationsdatei Logging
+//# /etc/bind/named-log.conf
+//#
+//# Host {{ grains['fqdn'] }}
+//#
+//###############################################################
+
+//###############################################################
+//# Angaben zum Logging
+
+logging {
+
+       //---------------------------------------
+       // Channels
+
+       channel complete_debug {
+               file "/var/log/bind/complete-debug.log";
+               print-category yes;
+               print-severity yes;
+               print-time yes;
+               severity debug 99;
+       };
+
+       channel logtofile {
+               file "/var/log/bind/named.log";
+               print-category yes;
+               print-severity yes;
+               print-time yes;
+               severity info;
+       };
+
+       channel moderate_debug {
+               file "/var/log/bind/debug.log";
+               print-category yes;
+               print-severity yes;
+               print-time yes;
+               severity debug 1;
+       };
+
+       channel query_logging {
+               file "/var/log/bind/query.log";
+               print-time yes;
+       };
+
+       channel security_file {
+               file "/var/log/bind/security.log";
+               print-category yes;
+               print-severity yes;
+               print-time yes;
+               severity dynamic;
+       };
+
+       channel syslog-warning {
+               syslog daemon;
+               severity warning;
+       };
+
+
+       //---------------------------------------
+       // Categories
+
+       category default {
+               default_debug;
+               logtofile;
+       };
+
+       category general {
+               logtofile;
+               syslog-warning;
+       };
+
+       category lame-servers {
+               null;
+       };
+
+       category queries {
+               query_logging;
+       };
+
+       category security {
+               security_file;
+       };
+
+};
+
+# vim: ts=4 filetype=named noai