README
README.logging
1#
2# README.logging
3#
4# Introduction into the new logging feature
5# available since v0.96
6# Per domain logging is enabled since v1.0
7#
8
9In previous version of dnssec-signer every message was written
10to the default stdout and stderr channels, and the logging itself
11was handled by a redirection of those chanels to the logger command
12or to a file.
13
14Since v0.96, the dnssec-signer command is able to log all messages
15by itself. File and SYSLOG logging is supported.
16
17To enable the logging into a file channel, you have to specify
18the file or directory name via the commandline option -L (--logfile)
19or via the config file parameter "LogFile".
20 LogFile: ""|"<file>"|"<directory>" (default is "")
21If a file is specified, than each run of dnssec-signer will append the
22messages to that file. If a directory is specified, than a file with a
23name of zkt-<ISOdate&timeUTC>+log" will be created on each dnssec-signer run.
24
25Since v1.0 per domain logging is possible.
26If the parameter "LogDomainDir:" is not empty, than the domain specific messages
27are written to a separate log file with a name like "zkt-<domainname>+log" in the
28directory specified by the parameter.
29If "LogDomainDir:" is set to ".", then the logfile will be created in the domain
30directory of the zone.
31
32Logging into the syslog channel could be enabled via the config file
33parameter "SyslogFacility".
34 SyslogFacility: NONE|USER|DAEMON|LOCAL0|..|LOCAL7 (default is USER)
35
36For both channels, the log level could be set to one of six log levels:
37 LG_FATAL, LG_ERROR, LG_WARNING
38 LB_NOTICE, LG_INFO, LG_DEBUG
39
40The loglevel is settable via the config file parameter :
41 SyslogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
42 (default is ERROR)
43and
44 LogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
45 (default is NOTICE)
46
47All the log parameters are settable on the commandline via the generic
48option -O "optstring" (--config-option="optstring").
49
50A verbose message output to stdout could be achieved by the commandline
51option -v (or -v -v).
52If you like to have this verbose messages also logged with a level of LG_DEBUG
53you should enable this by setting the config file option
54"VerboseLog" to a value of 1 or 2.
55
56Current logging messages:
57 LG_FATAL: Not all of the fatal errors are logged
58 (e.g.: config file or command line option fatal errors are
59 not logged)
60 LG_ERROR: All error messages will be logged
61 LG_WARNING: KSK lifetime expiration
62 LG_NOTICE:
63 Start and stop of dnssec-signer
64 Re-signing events
65 Key rollover events
66 KSK key generation and revoking
67 Zone reload resp. freeze/thaw of dynamic zone
68 LG_INFO: Currently none
69 planned:
70 Mesages for key generation and key status change
71 (e.g.: pre-publish -> activate; revoked -> removed etc.)
72 LG_DEBUG: all "verbose" (-v) and "very verbose" (-v -v) messages
73
74Some recomended and useful logging settings
75
76- The default setting
77 LogFile: ""
78 SyslogFacility: USER
79 SyslogLevel: NOTICE
80 VerboseLog: 0
81
82- Setting as in version v0.95
83 LogFile: "zkt-error.log" # or a directory for separate logfiles
84 LogLevel: ERROR
85 SyslogFacility: NONE
86 VerboseLog: 0
87
88- Setting as in previous versions
89 LogFile: ""
90 SyslogFacility: NONE
91 VerboseLog: 0
92
93- Recommended setting for normal usage
94 LogFile: "zkt.log" # or a directory for separate logfiles
95 LogLevel: ERROR
96 SyslogFacility: USER
97 SyslogLevel: NOTICE
98 VerboseLog: 0
99
100- Recommended setting for debugging
101 LogFile: "zkt.log" # or a directory for separate logfiles
102 LogLevel: DEBUG
103 SyslogFacility: USER
104 SyslogLevel: NOTICE
105 VerboseLog: 2
106