[Dnsmasq-discuss] Separate logging facilities for dns queries and "standard" logs

Diane lists+dnsmasq at artemix.org
Tue Nov 12 20:04:21 GMT 2019


Hello,

I have a need regarding Dnsmasq:

I want to have "standard" (i.e. logs that are enabled by defualt) logs
in syslog, and I also want to retrieve every DNS query / config /
response, as to be able to build some stats on them.

I have the following constraints that make using the current
implementation unusable for this need:

- I don't want to pollute syslog with DNS query logs *at all*, but
journald still doesn't provide a way to propery filter / redirect logs;
- I still want to have my standard dnsmasq logs in the syslog;
- I don't want to depend on the underlying syslog implementation (being
rsyslog, syslog-ng, or anything else), partly due to the fact that this
need is encountered on multiple linux distros with their own syslog
choice;
- Some of those log facilities may not support log dropping (i.e.
keeping "standard" logs, and drop every redirected logs).

Now, I'm trying to find some solutions.

Would the best way really be to have a small log facility daemon
running for this specific process? That seems cumbersome.

The configuration key `log-queries` exists, wouldn't it be possible to
add the following behaviour?

- If `log-queries=` is defined but has an empty value, use the current
behaviour;
- If `log-queries=` points towards a filesystem path, exclusively write
query logs into the given file;
- If `log-queries=` is equal to, let's say "syslog", or a non-
filesystem value (e.g. a syslog id), write query logs into the used
syslog, but with *a different process key*, as to defer log handling,
but as to avoid mixing both logs.

Any idea or solution for this issue?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20191112/f1f9855f/attachment.sig>


More information about the Dnsmasq-discuss mailing list