From Harald.Irmer at kit.edu  Fri Aug 11 17:03:06 2017
From: Harald.Irmer at kit.edu (Harald A. Irmer)
Date: Fri, 11 Aug 2017 19:03:06 +0200
Subject: [dnstap] Could not integrate dnstap into logrotate: dnstap does not
 "obey" `named reload`
Message-ID: <0755a028-0940-50b0-4503-5e9a2c24d868@kit.edu>

Hi,

I integrated dnstap into /var/named/log: log_dnstap


/etc/logrotate.d/bind:

/var/named/log/log_* {
     daily
     rotate 10
     nomail
     compress
     delaycompress
     shred
     missingok
     notifempty
     create 0664 dns dns
     su dns dns
     dateext
     dateyesterday
     olddir OLD
     createolddir 0664 dns dns
     sharedscripts
     postrotate
         /etc/init.d/named reload > /dev/null
         find /var/named/log/OLD -mtime +10 -exec rm -f {} \;
     endscript
}

Is it possible that dnstab "obeys" `named reload`?

That would be nice


Yours

Harald

-- 

Karlsruher Institut f?r Technologie (KIT)
Fakult?t f?r Informatik
ATIS ? Abteilung Technische Infrastruktur

Harald A. Irmer
Mitarbeiter Datennetz

Am Fasanengarten 5
Geb?ude 50.34, Raum 008
76131 Karlsruhe

Telefon: +49 721 608 ? 46963
Fax: +49 721 608 ? 46699
E-Mail: Harald.Irmer at kit.edu
Web: www.atis.informatik.kit.edu/413_420.php
       www.kit.edu


KIT ? Die Forschungsuniversit?t in der Helmholtz-Gemeinschaft
  
Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5391 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.redbarn.org/pipermail/dnstap/attachments/20170811/6cec78a3/attachment-0001.bin>

From daniel.stirnimann at switch.ch  Wed Aug 16 08:00:19 2017
From: daniel.stirnimann at switch.ch (Daniel Stirnimann)
Date: Wed, 16 Aug 2017 10:00:19 +0200
Subject: [dnstap] Could not integrate dnstap into logrotate: dnstap does
 not "obey" `named reload`
In-Reply-To: <0755a028-0940-50b0-4503-5e9a2c24d868@kit.edu>
References: <0755a028-0940-50b0-4503-5e9a2c24d868@kit.edu>
Message-ID: <4923fef2-f9c5-e9b9-8c22-8fe6a774b785@switch.ch>

Hi Harald,

You can use rndc to rotate the dnstap log file. Maybe you can integrate
this command into your logrotate configuration.

man rndc
...
  dnstap -roll count
		Close, rename and re-open the DNSTAP output file(s).
...

Daniel

On 11.08.17 19:03, Harald A. Irmer wrote:
> Hi,
> 
> I integrated dnstap into /var/named/log: log_dnstap
> 
> 
> /etc/logrotate.d/bind:
> 
> /var/named/log/log_* {
>      daily
>      rotate 10
>      nomail
>      compress
>      delaycompress
>      shred
>      missingok
>      notifempty
>      create 0664 dns dns
>      su dns dns
>      dateext
>      dateyesterday
>      olddir OLD
>      createolddir 0664 dns dns
>      sharedscripts
>      postrotate
>          /etc/init.d/named reload > /dev/null
>          find /var/named/log/OLD -mtime +10 -exec rm -f {} \;
>      endscript
> }
> 
> Is it possible that dnstab "obeys" `named reload`?
> 
> That would be nice
> 
> 
> Yours
> 
> Harald
> 
> 
> 
> _______________________________________________
> dnstap mailing list
> dnstap at lists.redbarn.org
> http://lists.redbarn.org/mailman/listinfo/dnstap
>