Luca Morettoni
Versione italiana

tinystats

tinystats is a filter that reads tinydns logs and stores stats about query types and errors of your authoritative dns.
This software is inspired by Nate Campi's system, but tinystats is written in C in order to reduce the amount of resources.
Support this project:

Installation

Download the package tinystats-1.1.tar.gz (Perugia, Italy)

To compile do:

     tar -xfz tinystats-[version].tar.gz
     cd tinystats
     make install strip
(if you want to modify building and/or installation options, please refer to the top of Makefile).

If you patched djbdns to enable IPv6, you can define the WITH_IPV6 variable (e.g. make -D WITH_IPV6 ...).

If you're running FreeBSD you can install tinystats with his port:

    cd /usr/ports/dns/tinystats
    make install clean

Use

Once built and installed, you should modify tinydns/log/run file in order to run tinystats. The syntax command is:
    tinystats [-h] [-s progr] output progr
where output is the directory will contain tinystats.out (the stats file) and progr is the log receiver (usually multilog).
New log/run file becomes (check tinydns.log.run.sample file inside the package):
    exec setuidgid Gdnslog tinystats -h ./main/tinystats/ \
        multilog t n3 s250000 ./main/
If you set -h option, tinystats transforms tinydns logs into a human-readable form (decimal IP and query type string), here is an example:
192.168.0.50    57552 [56427] + MX   home.morettoni.local
192.168.0.2     64228 [05045] + A    current.morettoni.local
192.168.0.2     28675 [10102] + ANY  morettoni.local
192.168.0.2     51488 [23734] + PTR  254.0.168.192.in-addr.arpa

Slave server

If you use tinydns as a slave of BIND master you can specify -s option to set the notify manager. When a master server send to tinydns the notify of zone update into the log, you can find an unimplemented request (I char) of SOA record (value 0006); tinystats will run the proper program after -s option with the following parameters: inside the package you can find an example script (update_slave.sh.sample) useful to manage updates, the Makefile.sample is a replace version for Makefile inside tinydns/root: that script merges all data file downloaded from master servers and rebuilds data.cdb.
Example scripts refer to tinydns/root/allow configuration file; this file holds the slave's zone list and the master server's IP. The syntax is:
  zoneA.tld:MASTER_IP
  zoneB.tld:ANOTHER_MASTER_IP
You can store zone file in a different directory from tinydns/root simply editing ZONEDIR variable in both scripts, is important to make *.data, data and data.cdb files writable to tinydns/log owner user.
The start_slave.sh.sample script downloads all zones listed in allow file, helpful for the first startup of your slave server.

Signals

If tinystats receives ALRM, TERM and HUP signals:

Stats

tinystats's output file has two lines: the first line has counters of query types and the second line is a brief explanation of fields.
Here is an example:
386:7:0:4:0:0:272:8:0:0:0:122:0:6:860:24:1:0:0:30
a:ns:cname:soa:ptr:hinfo:mx:txt:rp:sig:key:aaaa:axfr:any:total:other:notauth:notimpl:badclass:noquery
First 15 field are self-explanatory, last 6 are:

Graphs

With RRDtools you can build some graphics about queries and errors logged by tinystats, in the package you can find a shell script (tinydns.sh.sample) that you can run from your crontab and it reads values and update graphs. You can configure the script by setting up few variables into the tinydns.conf file (keep it into the same directory of the script), these variables are: At the top of the script you can see the default values of this variables.

Some examples of tinystats in action:

Thanks