Suppose Bind9 logs are written to the /var/log/named/ directory, have the .log extension and so that the disk space does not overflow with logs, configure logrotate.
Continue reading “Logrotate Bind9”Tag Archives: bind9
Configuring Fail2Ban for Bind9
Suppose Fail2Ban is already installed, if not, then see my article – Installing and Configuring Fail2ban.
By default, Bind9 does not write logs, so open its configuration file in any text editor:
Continue reading “Configuring Fail2Ban for Bind9”Monitoring Bind9 in Zabbix
For example, I will describe the option of monitoring the DNS server Bind9 in Zabbix.
To start, we turn on the Bind9 statistics, open the configuration file in a text editor, for example nano (Ctrl+X to exit, y/n to save or discard changes):
sudo nano /etc/bind/named.conf
And add the following lines (where the first IP and port is the interface on which statistics will be visible, and the following – from which access to it is allowed):
statistics-channels {
inet 192.168.10.1 port 8053 allow { 127.0.0.1; 192.168.10.1; 192.168.10.15;};
};
And restart Bind to apply the changes:
sudo /etc/init.d/bind9 restart
After that, in the browser typing http://192.168.10.1:8053/ you can see Bind9 statistics.
We will install the necessary components necessary for obtaining statistics from the terminal:
sudo apt-get install xml2 curl
Check if the statistics are displayed:
curl http://192.168.10.1:8053/ 2>/dev/null | xml2 | grep -A1 queries
Now we will add the parameters of Zabbix agent /etc/zabbix/zabbix_agentd.conf to the parameters that we will monitor:
# The number of connections udp to DNS: UserParameter=bind.net.udp,netstat -nua | grep :53 | wc -l # Number of tcp connections to DNS: UserParameter=bind.net.tcp,netstat -nta | grep :53 | wc -l # Number of incoming and outgoing requests: UserParameter=bind.queries.in[*],curl http://192.168.10.1:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/server/queries-in/rdtype/name=$1$" | tail -1 | cut -d= -f2 UserParameter=bind.queries.out[*],curl http://192.168.10.1:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/views/view/rdtype/name=$1$" | tail -1 | cut -d= -f2
And restart the Zabbix agent to apply the changes:
sudo /etc/init.d/zabbix-agent restart
Add data and graphics elements to the desired network node or template in the Zabbix server (type – Zabbix agent, examples of keys below):
bind.queries.in[A] bind.queries.out[A] bind.queries.in[AAAA] bind.queries.out[AAAA] bind.queries.in[NS] bind.queries.out[NS] bind.queries.in[MX] bind.queries.out[MX] bind.queries.in[PTR] bind.queries.out[PTR] bind.queries.in[SOA] bind.queries.out[SOA] bind.queries.in[TXT] bind.queries.out[TXT] bind.queries.in[ANY] bind.queries.out[ANY] etc.
See also my article:
Monitoring DNS from Zabbix
Configuring Bind9 logs
By default, Bind9 logs are written to the system log / var / log / syslog and to separate them, I will perform the actions that I will point out below.
Continue reading “Configuring Bind9 logs”Installing and Configuring DNS Server BIND9
BIND (Berkeley Internet Name Domain) — open and the most common implementation of the DNS server, which ensures that the DNS name is converted to an IP address and vice versa.
Continue reading “Installing and Configuring DNS Server BIND9”