Saucepan

User Tools

Site Tools

Trace: dynamic_routing_example deploy_nios_vm install_gitolite deploy_reporting_vm
infoblox_nios:logging

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
infoblox_nios:logging [2025/07/08 09:51] – [Audit Log Rolling] bstaffordinfoblox_nios:logging [2025/12/07 13:07] (current) bstafford
Line 3: Line 3:
  
 REMEMBER! If you have query logging enabled, if the box is busy then you can easily build up to the point where all logs only go back 1 hour and the support bundle is 3.3Gb. REMEMBER! If you have query logging enabled, if the box is busy then you can easily build up to the point where all logs only go back 1 hour and the support bundle is 3.3Gb.
 +===== Query Logging Warning =====
 +NIOS 9.0.7 introduced a useful warning when query/response logging is enabled (basically, don't do it unless you know what you are doing because it could have a massive impact on performance - expecially if you have configured the system to send all the logs out via SYSLOG.
 +
 +You can disable the warning with:
 +<code>set query_logging_warnings off</code>
 +<code>set query_logging_warnings on</code>
 ===== Syslog Errors ===== ===== Syslog Errors =====
  
Line 38: Line 44:
   * audit.log.8   * audit.log.8
   * audit.log.9   * audit.log.9
 +===== Backup Logs =====
 +
 +Succeful backup via SCP generates the following syslog
 +  * Facility: Daemon
 +  * Level: Notice
 +  * Server: scheduled_scp_backups
 +  * Message: Scheduled backup to the SCP server was successful - Backup file /dir/path/to/backup/<gridname>_2025_07_25_11_15.tar.gz
 +
 +Successful backup locally generates the following syslog
 +  * Facility: Daemon
 +  * Level: Notice
 +  * Server: manage_scheduled_backups
 +  * Message: Backup to LOCAL was successful - Backup file /storage/backup/BACKUP_2025_07_25_11_15.tar.gz
 +
  
 ===== DTC Logging ===== ===== DTC Logging =====
Line 104: Line 124:
   * daemon NOTICE named[3391445] running   * daemon NOTICE named[3391445] running
  
 +====== RPZ Loggging =====
 +RPZ_SEVERITY
 +  * Informational = 4
 +  * Warning = 6
 +  * Major = 7
 +  * Critical = 8
 +
 +
 +MITIGATION_ACTION
 +  * A1 = Substitute
 +  * PT = Passthru
 +  * NX = No Such DOMAIN_NAME
 +  * ND = No Domain
 +
 +Log Breakdown
 +  * TIMESTAMP=2025-05-28 12:39:26,
 +  * VIEW=_default,
 +  * CLIENT=192.168.1.2,
 +  * RPZ_SEVERITY=7,
 +  * DOMAIN_NAME=www.slashdot.org,
 +  * RPZ_QNAME=www.slashdot.org.forward-control,
 +  * MITIGATION_ACTION=A1,
 +  * REDIRECTION_RECORD=N/A,
 +  * CAT=RPZ:forward-control,
 +  * GST=0,
 +  * LID=N/A
 +  
 +  <code>TIMESTAMP=2025-05-28 12:50:11,VIEW=_default,CLIENT=192.168.1.12,RPZ_SEVERITY=7,DOMAIN_NAME=passthru.slashdot.org,RPZ_QNAME=passthru.slashdot.org.forward-control,MITIGATION_ACTION=PT,REDIRECTION_RECORD=N/A,CAT=RPZ:forward-control,GST=0,LID=N/A</code>
 +  
 +  <code>TIMESTAMP=2025-05-28 12:50:04,VIEW=_default,CLIENT=192.168.1.12,RPZ_SEVERITY=7,DOMAIN_NAME=nosuchdomain.slashdot.org,RPZ_QNAME=nosuchdomain.slashdot.org.forward-control,MITIGATION_ACTION=NX,REDIRECTION_RECORD=N/A,CAT=RPZ:forward-control,GST=0,LID=N/A</code>
 +  
 +  <code>TIMESTAMP=2025-05-28 12:49:55,VIEW=_default,CLIENT=192.168.1.12,RPZ_SEVERITY=7,DOMAIN_NAME=blockname.slashdot.org,RPZ_QNAME=blockname.slashdot.org.forward-control,MITIGATION_ACTION=ND,REDIRECTION_RECORD=N/A,CAT=RPZ:forward-control,GST=0,LID=N/A</code>
 +  
  
  
  
infoblox_nios/logging.1751968287.txt.gz · Last modified: by bstafford