munin
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
munin [2020/08/04 05:20] willy |
munin [2020/08/07 10:35] (current) willy improvements |
||
|---|---|---|---|
| Line 10: | Line 10: | ||
| - | ====== Configuration côté client ====== | + | ====== Configuration côté serveur à monitorer ====== |
| * Installer les paquets: | * Installer les paquets: | ||
| Line 31: | Line 31: | ||
| Ajouter le fichier ''/etc/munin/plugin-conf.d/99-bind'' avec le contenu suivant: | Ajouter le fichier ''/etc/munin/plugin-conf.d/99-bind'' avec le contenu suivant: | ||
| <code> | <code> | ||
| + | [bind9] | ||
| + | env.logfile /var/log/named/query.log | ||
| + | |||
| [bind9_rndc] | [bind9_rndc] | ||
| user root | user root | ||
| - | env.querystats /var/log/bind9/named.stats | + | env.querystats /var/log/named/named.stats |
| </code> | </code> | ||
| - | Créer le dossier /var/log/bind9 | + | Créer le dossier /var/log/named |
| <code bash> | <code bash> | ||
| - | mkdir /var/log/bind9 | + | mkdir /var/log/named |
| - | chown bind:bind /var/log/bind9 | + | chown bind:bind /var/log/named |
| </code> | </code> | ||
| - | Demander la permission à AppArmor. En gros il s'agit de modifier deux fichiers comme indiqué dans le diff: | + | :!: Sur debian (10), il existe déjà un profil apparmor qui prend en compte le dossier ''/var/log/named'' |
| - | * /etc/apparmor.d/usr.sbin.named | + | |
| - | * /etc/apparmor.d/local/usr.sbin.named | + | |
| - | <code diff [enable_line_numbers="true"],[highlight_lines_extra="11,19"]> | + | |
| - | root@vps2:/etc# git diff 135f HEAD apparmor.d/usr.sbin.named | + | |
| - | diff --git a/apparmor.d/usr.sbin.named b/apparmor.d/usr.sbin.named | + | |
| - | index a4622da..b11451e 100644 | + | |
| - | --- a/apparmor.d/usr.sbin.named | + | |
| - | +++ b/apparmor.d/usr.sbin.named | + | |
| - | @@ -90,5 +90,5 @@ | + | |
| - | owner /var/tmp/krb5_* rwk, | + | |
| - | + | ||
| - | # Site-specific additions and overrides. See local/README for details. | + | |
| - | - #include <local/usr.sbin.named> | + | |
| - | + include <local/usr.sbin.named> | + | |
| - | } | + | |
| - | root@vps2:/etc# git diff 135f HEAD apparmor.d/local/usr.sbin.named | + | |
| - | diff --git a/apparmor.d/local/usr.sbin.named b/apparmor.d/local/usr.sbin.named | + | |
| - | index e69de29..dc0c2fd 100644 | + | |
| - | --- a/apparmor.d/local/usr.sbin.named | + | |
| - | +++ b/apparmor.d/local/usr.sbin.named | + | |
| - | @@ -0,0 +1 @@ | + | |
| - | + /var/log/bind9/** rwk, | + | |
| - | </code> | ||
| - | |||
| - | Oui, je sais, c'est overkill 8-) . Tout ça pour deux lignes (lignes 11 et 19). | ||
| - | |||
| - | Redémarrer apparmor | ||
| - | <code bash> | ||
| - | systemctl restart apparmor | ||
| - | </code> | ||
| - | |||
| - | * | ||
| Mettre a jour le fichier ''/etc/bind/named.conf.options'' | Mettre a jour le fichier ''/etc/bind/named.conf.options'' | ||
| <code diff [enable_line_numbers="true"]> | <code diff [enable_line_numbers="true"]> | ||
| Line 86: | Line 57: | ||
| listen-on-v6 { any; }; | listen-on-v6 { any; }; | ||
| - | + statistics-file "/var/log/bind9/named.stats"; | + | + statistics-file "/var/log/named/named.stats"; |
| +}; | +}; | ||
| + | + | ||
| +logging { | +logging { | ||
| + channel b_log { | + channel b_log { | ||
| - | + file "/var/log/bind9/bind.log" versions 30 size 1m; | + | + file "/var/log/named/bind.log" versions 30 size 1m; |
| + print-category yes; | + print-category yes; | ||
| + print-severity yes; | + print-severity yes; | ||
| Line 99: | Line 70: | ||
| + | + | ||
| + channel b_debug { | + channel b_debug { | ||
| - | + file "/var/log/bind9/debug.log" versions 2 size 1m; | + | + file "/var/log/named/debug.log" versions 2 size 1m; |
| + print-category yes; | + print-category yes; | ||
| + print-severity yes; | + print-severity yes; | ||
| Line 107: | Line 78: | ||
| + | + | ||
| + channel b_query { | + channel b_query { | ||
| - | + file "/var/log/bind9/query.log"; | + | + file "/var/log/named/query.log"; |
| + print-severity yes; | + print-severity yes; | ||
| + print-time yes; | + print-time yes; | ||
| Line 129: | Line 100: | ||
| Ajouter le fichier ''/etc/logrotate.d/bind'' avec le contenu suivant. | Ajouter le fichier ''/etc/logrotate.d/bind'' avec le contenu suivant. | ||
| - | <code> | + | <code bash [enable_line_numbers="true"]> |
| - | /var/log/bind9/query.log | + | /var/log/named/query.log |
| - | /var/log/bind9/named.stats | + | /var/log/named/named.stats |
| { | { | ||
| Line 143: | Line 114: | ||
| } | } | ||
| </code> | </code> | ||
| + | |||
| + | Bien sur tout cela est ajustable en fonction de votre environnement notamment les lignes 5 et 6 | ||
| ==== Aperçu ==== | ==== Aperçu ==== | ||
| Line 155: | Line 128: | ||
| - | ====== Configuration côté serveur ====== | + | ====== Configuration côté serveur monitoring ====== |
munin.1596518413.txt.gz · Last modified: 2020/08/04 05:20 by willy
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
