4 # Introduction into the new logging feature
5 # available since v0.96
6 # Per domain logging is enabled since v1.0
9 In previous version of dnssec-signer every message was written
10 to the default stdout and stderr channels, and the logging itself
11 was handled by a redirection of those chanels to the logger command
14 Since v0.96, the dnssec-signer command is able to log all messages
15 by itself. File and SYSLOG logging is supported.
17 To enable the logging into a file channel, you have to specify
18 the file or directory name via the commandline option -L (--logfile)
19 or via the config file parameter "LogFile".
20 LogFile: ""|"<file>"|"<directory>" (default is "")
21 If a file is specified, than each run of dnssec-signer will append the
22 messages to that file. If a directory is specified, than a file with a
23 name of zkt-<ISOdate&timeUTC>+log" will be created on each dnssec-signer run.
25 Since v1.0 per domain logging is possible.
26 If the parameter "LogDomainDir:" is not empty, than the domain specific messages
27 are written to a separate log file with a name like "zkt-<domainname>+log" in the
28 directory specified by the parameter.
29 If "LogDomainDir:" is set to ".", then the logfile will be created in the domain
30 directory of the zone.
32 Logging into the syslog channel could be enabled via the config file
33 parameter "SyslogFacility".
34 SyslogFacility: NONE|USER|DAEMON|LOCAL0|..|LOCAL7 (default is USER)
36 For both channels, the log level could be set to one of six log levels:
37 LG_FATAL, LG_ERROR, LG_WARNING
38 LB_NOTICE, LG_INFO, LG_DEBUG
40 The loglevel is settable via the config file parameter :
41 SyslogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
44 LogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
47 All the log parameters are settable on the commandline via the generic
48 option -O "optstring" (--config-option="optstring").
50 A verbose message output to stdout could be achieved by the commandline
52 If you like to have this verbose messages also logged with a level of LG_DEBUG
53 you should enable this by setting the config file option
54 "VerboseLog" to a value of 1 or 2.
56 Current logging messages:
57 LG_FATAL: Not all of the fatal errors are logged
58 (e.g.: config file or command line option fatal errors are
60 LG_ERROR: All error messages will be logged
61 LG_WARNING: KSK lifetime expiration
63 Start and stop of dnssec-signer
66 KSK key generation and revoking
67 Zone reload resp. freeze/thaw of dynamic zone
69 Messages for key generation/removal and ksk rollover
70 LG_DEBUG: all "verbose" (-v) and "very verbose" (-v -v) messages
72 Some recomended and useful logging settings
80 - Setting as in version v0.95
81 LogFile: "zkt-error.log" # or a directory for separate logfiles
86 - Setting as in previous versions
91 - Recommended setting for normal usage
92 LogFile: "zkt.log" # or a directory for separate logfiles
98 - Recommended setting for debugging
99 LogFile: "zkt.log" # or a directory for separate logfiles