Forum Discussion
Logs for local-db-publisher
- Nov 02, 2023
if thats still not logging you might want to open a case on that
GTM is the older product name that was used with older TMOS versions. GTM is the correct logfile in this case. Typically you would not want to log every query/response as it does have performance impact to your system. Configuring BIG-IP DNS to log dns queries and responses (f5.com).
To log query/responses here are some quick instructions extracted from that KB article above:
Creating a custom DNS logging profile for logging DNS queries and responses
Create a custom DNS logging profile to log both DNS queries and responses when troubleshooting a DDoS attack.
Note: Logging both DNS queries and responses has an impact on the BIG-IP system performance.
-
On the Main tab, click DNS > Delivery > Profiles > Other > DNS Logging or Local Traffic > Profiles > Other > DNS Logging. The DNS Logging profile list screen opens.
-
Click Create. The New DNS Logging profile screen opens.
-
In the Name field, type a unique name for the profile.
-
From the Log Publisher list, select a destination to which the BIG-IP system sends DNS log entries.
-
For the Log Queries setting, ensure that the Enabled check box is selected, if you want the BIG-IP system to log all DNS queries.
-
For the Log Responses setting, select the Enabled check box, if you want the BIG-IP system to log all DNS responses.
-
For the Include Query ID setting, select the Enabled check box, if you want the BIG-IP system to include the query ID sent by the client in the log messages.
-
Click Finished.
- mbrandon32Nov 02, 2023Cirrus
This KB was reviewed and each setting was enabled - outside of Include Query ID. We're in the process of cleaning some zones up and are looking to see what zones may still have hits, so we'd want all queries to be logged.
- Jeffrey_GranierNov 02, 2023Employee
if thats still not logging you might want to open a case on that
- mbrandon32Nov 06, 2023Cirrus
Case logged with support. It DNS logging profile needed to have the log publisher updated to one that has the local-syslog as the destination. Once updated, the query and response logs are logged in /var/log/ltm
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com