[Samba] Internal DNS logging

Denis Cardon dcardon at tranquil.it
Thu Jan 18 15:52:48 UTC 2018


Hi Giuseppe,

please, stay on the list.

Le 01/18/2018 à 04:32 PM, Giuseppe Cesa Bianchi a écrit :
> Thank you for your reply but users logon are already logged on log.samba
> (I think when kerberos authenticate it).
>
> My problem is the hundreds of line written by DNS on log, even at log
> level 1. I'm asking if I can do something to stop it.

In smb.conf, try:

    log level = 1 auth_audit:3  dns:0

or in samba 4.7.4
    log level = 1 auth_json_audit:3 dns:0

Denis

>
> Thanks anyway
>
> Giuseppe
>
>
> On 1/18/2018 3:40 PM, Denis Cardon wrote:
>> Hi Giuseppe,
>>
>>> I have two Samba domain controllers version 4.6.4 on Centos 7.3.
>>>
>>> I need to log every login/logout from windows PCs and I read on the wiki
>>> that I have to set log level >=3, this works.
>>>
>>> The problem is that my log.samba is filled by internal DNS messages,
>>> most of them about forwarding.
>>>
>>> in my smb.conf:
>>>
>>>         log level = 3 auth:10
>>>         vfs objects = full_audit
>>>
>>> I googled around but I cannot find anything to avoid this.
>>
>> For login, you should upgrade your server to Samba 4.7.4 and add json
>> auth logging with the auth_json_audit parameter [1].
>>
>> For logout, it won't be really possible to have a definitive
>> information from the AD point of view. But you can probably script
>> something on your desktop and send it back to the server (if the
>> network connection is still up...)
>>
>> Cheers,
>>
>> Denis
>>
>> [1] https://wiki.samba.org/index.php/Setting_up_Audit_Logging
>>
>>
>>>
>>> Please help me!
>>>
>>> Thanks
>>>
>>>
>>
>

-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr




More information about the samba mailing list