1#
2#	README.logging
3#
4#	Introduction into the new logging feature 
5#	available since v0.96
6#	Per domain logging is enabled since v1.0
7#	
8
9In previous version of dnssec-signer every message was written
10to the default stdout and stderr channels, and the logging itself
11was handled by a redirection of those chanels to the logger command
12or to a file.
13
14Since v0.96, the dnssec-signer command is able to log all messages
15by itself. File and SYSLOG logging is supported.
16
17To enable the logging into a file channel, you have to specify
18the file or directory name via the commandline option -L (--logfile)
19or via the config file parameter "LogFile".
20	LogFile: ""|"<file>"|"<directory>"	(default is "")
21If a file is specified, than each run of dnssec-signer will append the
22messages to that file. If a directory is specified, than a file with a
23name of zkt-<ISOdate&timeUTC>+log" will be created on each dnssec-signer run.
24
25Since v1.0 per domain logging is possible.
26If the parameter "LogDomainDir:" is not empty, than the domain specific messages
27are written to a separate log file with a name like "zkt-<domainname>+log" in the
28directory specified by the parameter.
29If "LogDomainDir:" is set to ".", then the logfile will be created in the domain
30directory of the zone.
31
32Logging into the syslog channel could be enabled via the config file
33parameter "SyslogFacility".
34	SyslogFacility:	NONE|USER|DAEMON|LOCAL0|..|LOCAL7 (default is USER)
35
36For both channels, the log level could be set to one of six log levels:
37	LG_FATAL, LG_ERROR, LG_WARNING
38	LB_NOTICE, LG_INFO, LG_DEBUG
39
40The loglevel is settable via the config file parameter :
41	SyslogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
42		(default is ERROR)
43and
44	LogLevel: FATAL|ERROR|WARNING|NOTICE|INFO|DEBUG
45   		(default is NOTICE)
46
47All the log parameters are settable on the commandline via the generic
48option -O "optstring" (--config-option="optstring").
49
50A verbose message output to stdout could be achieved by the commandline
51option -v (or -v -v).
52If you like to have this verbose messages also logged with a level of LG_DEBUG
53you should enable this by setting the config file option
54"VerboseLog" to a value of 1 or 2.
55
56Current logging messages:
57	LG_FATAL: Not all of the fatal errors are logged
58		(e.g.: config file or command line option fatal errors are
59		not logged)
60	LG_ERROR: All error messages will be logged
61	LG_WARNING: KSK lifetime expiration
62	LG_NOTICE:
63		Start and stop of dnssec-signer
64		Re-signing events 
65		Key rollover events
66		KSK key generation and revoking
67		Zone reload resp. freeze/thaw of dynamic zone
68	LG_INFO: Currently none
69		planned:
70		Mesages for key generation and key status change
71		(e.g.: pre-publish -> activate; revoked -> removed etc.)
72	LG_DEBUG: all "verbose" (-v) and "very verbose" (-v -v)  messages
73
74Some recomended and useful logging settings
75
76- The default setting
77	LogFile: ""
78	SyslogFacility: USER
79	SyslogLevel: NOTICE
80	VerboseLog: 0
81
82- Setting as in version v0.95
83	LogFile: "zkt-error.log"	# or a directory for separate logfiles
84	LogLevel: ERROR
85	SyslogFacility: NONE
86	VerboseLog: 0
87
88- Setting as in previous versions
89	LogFile: ""
90	SyslogFacility: NONE
91	VerboseLog: 0
92
93- Recommended setting for normal usage
94	LogFile: "zkt.log"	# or a directory for separate logfiles
95	LogLevel: ERROR
96	SyslogFacility: USER
97	SyslogLevel: NOTICE
98	VerboseLog: 0
99	
100- Recommended setting for debugging
101	LogFile: "zkt.log"	# or a directory for separate logfiles
102	LogLevel: DEBUG
103	SyslogFacility: USER
104	SyslogLevel: NOTICE
105	VerboseLog: 2
106