Environment
Novell Open Enterprise Server 11 (OES 11) Linux
Novell Open Enterprise Server 2 (OES 2) Linux
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 11
Situation
Resolution
The logging will be sent to /var/opt/novell/log/named/named.run on OES and /var/log/messages on SLES.
For Example:
Turn on logging by typing rndc querylog at the console.
Typing rndc querylog again will turn it off.
Typing rndc querylog again will turn
it on
Now with it turned on send a query to the DNS server. For example: bogus.com.
Turn logging off with another rndc querylog command.
After doing this test I looked in the /var/opt/novell/log/named/named.run file of a test server running OES2 SP3 and found the following:
13-Mar-2014 13:39:07.015 general: server: info: query logging is now on
13-Mar-2014 13:40:46.870 general: server: info: query logging is now off
13-Mar-2014 13:41:15.558 general: server: info: query logging is now on
13-Mar-2014 13:42:10.431 queries: query: info: client 151.155.213.242#33575: query: bogus.com IN A +
13-Mar-2014 13:45:18.179 general: server: info: query logging is now off
There are other things being logged to this log file.
To just see the queries in their own file you can do a simple grep command like the following:
grep -i "query:" /var/opt/novell/log/named/named.run >> dnsqueries.log
Then use vi or cat on the dnsqueries.log