1# 2# README.logging 3# 4# Introduction into the new logging feature 5# available since v0.96 6# Per domain logging is enabled since v1.0 7# 8 9In previous version of dnssec-signer every message was written 10to the default stdout and stderr channels, and the logging itself 11was handled by a redirection of those chanels to the logger command 12or to a file. 13 14Since v0.96, the dnssec-signer command is able to log all messages 15by itself. File and SYSLOG logging is supported. 16 17To enable the logging into a file channel, you have to specify 18the file or directory name via the commandline option -L (--logfile) 19or via the config file parameter "LogFile". 20 LogFile: ""|"<file>"|"<directory>" (default is "") 21If a file is specified, than each run of dnssec-signer will append the 22messages to that file. If a directory is specified, than a file with a 23name of zkt-<ISOdate&timeUTC>+log" will be created on each dnssec-signer run. 24 25Since v1.0 per domain logging is possible. 26If the parameter "LogDomainDir:" is not empty, than the domain specific messages 27are written to a separate log file with a name like "zkt-<domainname>+log" in the 28directory specified by the parameter. 29If "LogDomainDir:" is set to ".", then the logfile will be created in the domain 30directory of the zone. 31 32Logging into the syslog channel could be enabled via the config file 33parameter "SyslogFacility". 34 SyslogFacility: NONE|USER|DAEMON|LOCAL0|..|LOCAL7 (default is USER) 35 36For both channels, the log level could be set to one of six log levels: 37 LG_FATAL, LG_ERROR, LG_WARNING 38 LB_NOTICE, LG_INFO, LG_DEBUG 39 40The loglevel is settable via the config file parameter : 41 SyslogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG 42 (default is ERROR) 43and 44 LogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG 45 (default is NOTICE) 46 47All the log parameters are settable on the commandline via the generic 48option -O "optstring" (--config-option="optstring"). 49 50A verbose message output to stdout could be achieved by the commandline 51option -v (or -v -v). 52If you like to have this verbose messages also logged with a level of LG_DEBUG 53you should enable this by setting the config file option 54"VerboseLog" to a value of 1 or 2. 55 56Current logging messages: 57 LG_FATAL: Not all of the fatal errors are logged 58 (e.g.: config file or command line option fatal errors are 59 not logged) 60 LG_ERROR: All error messages will be logged 61 LG_WARNING: KSK lifetime expiration 62 LG_NOTICE: 63 Start and stop of dnssec-signer 64 Re-signing events 65 Key rollover events 66 KSK key generation and revoking 67 Zone reload resp. freeze/thaw of dynamic zone 68 LG_INFO: Currently none 69 planned: 70 Mesages for key generation and key status change 71 (e.g.: pre-publish -> activate; revoked -> removed etc.) 72 LG_DEBUG: all "verbose" (-v) and "very verbose" (-v -v) messages 73 74Some recomended and useful logging settings 75 76- The default setting 77 LogFile: "" 78 SyslogFacility: USER 79 SyslogLevel: NOTICE 80 VerboseLog: 0 81 82- Setting as in version v0.95 83 LogFile: "zkt-error.log" # or a directory for separate logfiles 84 LogLevel: ERROR 85 SyslogFacility: NONE 86 VerboseLog: 0 87 88- Setting as in previous versions 89 LogFile: "" 90 SyslogFacility: NONE 91 VerboseLog: 0 92 93- Recommended setting for normal usage 94 LogFile: "zkt.log" # or a directory for separate logfiles 95 LogLevel: ERROR 96 SyslogFacility: USER 97 SyslogLevel: NOTICE 98 VerboseLog: 0 99 100- Recommended setting for debugging 101 LogFile: "zkt.log" # or a directory for separate logfiles 102 LogLevel: DEBUG 103 SyslogFacility: USER 104 SyslogLevel: NOTICE 105 VerboseLog: 2 106