# djbdns-stats v1.1 # Function: keep stats on tinydns and dnscache. # 20070912 00:01 (GMT-05:00) # Jeremy Kister - http://jeremy.kister.net/ This utility is similar to many existing djbdns graphing packages, except that it's much leaner. No code was plucked from any other authors. I wanted this leaness because both my authoritative and recursive name servers run a lot of queries, and didn't want to start running into blocking/performance problems. The stats code does not pretty any logs; we can save those CPU cycles and only pretty them while we're looking at them (via piping to the included dnslog.pl) Excluding performance differences, this code is different from existing log analysis packages in the following ways: * very friendly to cacti/cricket via Net-SNMP * dnscache RR information (instead of just "total queries") * dnscache cache effectiveness information * configurable stats_file (useful if you have multiple dnscache instances on the same box) * more RRs recognized for tinydns (and dnscache) (such as TXT, NAPTR, A6, IXFR, AXFR) * lame queries recognized for tinydns (i.e. when a domain is pointing to your server, but you dont have the domain configured in your data file) * Format Errors recognized for tinydns (i.e. a request for data outside the Internet class) * Not Implemented recognized for tinydns (i.e. a recursive query request) Note: Using perl 5.8.0, I've seen dnsstats.pl crash while trying to write to the stats file -- apparently there is something wrong with 5.8.0's interpretation of $SIG{ALRM}. upgrading to 5.8.6 fixes it. dnsstats.pl Usage: --log tee from STDIN to command --tinydns set up for a tinydns log input --dnscache set up for a dnscache log input --cricket create stats file for cricket (1 rr per line) --cacti create stats file for cacti (RR1:VALUE1 RR2:VALUE2 [...]) --stats_file where to put the stats file to be read via SNMP --tmp_stats_file where to put the tmp stats file (must be on same slice as stats_file) (default: [stats_file].tmp) ###################################################################### install the scripts cp dnsstats.pl /usr/local/script chmod ugo+x /usr/local/script/dnsstats.pl cp dnslog.pl /usr/local/script chmod ugo+x /usr/local/script/dnslog.pl ###################################################################### tinydns interaction: mkdir -p /etc/tinydns/stats/ chown dnslog /etc/tinydns/stats/ cp contrib/daemontools/run-tinydns /service/tinydns/log/run chmod u+x /service/tinydns/log/run ###################################################################### dnscache interaction: mkdir -p /etc/dnscache/stats chown dnslog /etc/dnscache/stats/ if you want to log everything normally (rather wasteful i/o): cp contrib/daemontools/run-dnscache /service/dnscache/log/run otherwise, to log only interesting stuff: cp contrib/daemontools/run-dnscache-lean_logging /service/dnscache/log/run make the run script executable: chmod u+x /service/dnscache/log/run ###################################################################### add the following lines to the bottom of your /usr/local/share/snmp/snmpd.conf: exec .1.3.6.1.4.1.18689.0.1 dnscache-stats /bin/cat /etc/dnscache/stats/stats_file exec .1.3.6.1.4.1.18689.1.2 tinydns-stats /bin/cat /etc/tinydns/stats/stats_file Note: if you have multiple instances of dnscache on the same host, you can set up instances -- your snmpd.conf: exec .1.3.6.1.4.1.18689.0.1 dnscache-stats /bin/cat /etc/dnscache/10.0.0.10/stats/stats_file exec .1.3.6.1.4.1.18689.0.2 dnscache-stats /bin/cat /etc/dnscache/192.168.3.3/stats/stats_file send a HUP to snmp, and you're set. You might have to change 'exec' to 'extend' and modify the OIDs depending on your net-snmp version. Take a look in the contrib/ directory, where you can find a couple cricket Defaults files.