Some of our users have asked how to rotate their (traditional, non-DNSTAP) logs for BIND 9 to achieve per-day logs.
Here are some possible BIND settings that, when combined with the logrotate
command (available on most UNIX-like systems), will create daily logs:
    logging {
        channel ns_log {
            file "/var/log/named/named.log";
            severity dynamic;
            print-time yes;
            print-severity yes;
            print-category yes;
        };
        ...
        category default { ns_log; };
        category general { ns_log; };
        category config { ns_log; };
    };
Because the file statement carries no versions or size option, this disables the BIND size-based log rotation completely.
Once the log file is "just growing", you can use this logrotate
configuration to keep 30 days' worth of logs in the /var/log/named/
directory:
    /var/log/named/*.log {
        compress
        create 0644 named named
        daily
        dateext
        missingok
        notifempty
        rotate 30
        sharedscripts
        postrotate
            /usr/sbin/rndc reconfig > /dev/null 2>/dev/null || true
        endscript
    }
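A check that can be run before enabling the logrotate job, added here as an example and not part of the original article or of BIND: it scans named.conf text for file channels under /var/log/named/ that still carry BIND's own versions or size options, which would compete with logrotate. The query_log channel, the sample configuration and the function name are constructed for illustration.

```python
import re

# Constructed sample: the article's channel plus a second, hypothetical
# channel ("query_log") that still uses BIND's own rotation options.
SAMPLE_CONF = '''
logging {
    channel ns_log {
        file "/var/log/named/named.log";   // left to logrotate
        severity dynamic;
        print-time yes;
    };
    channel query_log {
        file "/var/log/named/query.log" versions 5 size 20m;
        severity info;
    };
    category default { ns_log; };
    category queries { query_log; };
};
'''

# named.conf accepts /* */, // and # comments. Limitation of this sketch:
# a comment marker inside a quoted path would be stripped as well.
COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# Channel bodies contain no nested braces, so a lazy match up to "}" is enough.
CHANNEL = re.compile(r'\bchannel\s+(\S+)\s*\{(.*?)\}', re.S)
FILE_CLAUSE = re.compile(r'\bfile\s+"([^"]+)"([^;]*);')
SELF_ROTATION = re.compile(r'\b(versions|size)\s+(\S+)')


def self_rotating_channels(conf_text, log_dir="/var/log/named/"):
    """Return [(channel, path, {option: value})] for file channels under
    log_dir that still carry BIND's versions/size rotation options."""
    findings = []
    for name, body in CHANNEL.findall(COMMENTS.sub('', conf_text)):
        clause = FILE_CLAUSE.search(body)
        if not clause:
            continue  # syslog, stderr or null channel: no file to rotate
        path, options = clause.groups()
        rotation = dict(SELF_ROTATION.findall(options))
        if path.startswith(log_dir) and rotation:
            findings.append((name, path, rotation))
    return findings


if __name__ == "__main__":
    for name, path, rotation in self_rotating_channels(SAMPLE_CONF):
        print(f"channel {name}: {path} is still rotated by named: {rotation}")
```

An empty result for the real named.conf means every log file matched by the logrotate glob is "just growing", as the article requires.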
Note: this article is based on advice posted on bind-users@lists.isc.org by Stuart Browne.
For more information on how to manage BIND log files, consider watching ISC's 2021 webinars on BIND management presented by Carsten Strotmann. The session on managing log files is available on YouTube.