The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.

An XCCDF Rule

Description

<VulnDiscussion>DNS software administrators require DNS transaction logs for a wide variety of reasons including troubleshooting, intrusion detection, and forensics. Ensuring that the DNS transaction logs are recorded on the local system will provide the capability needed to support these actions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-207547r879582_rule
Severity: Low
References: CCI-001348
Updated: 17 days ago

Edit the "named.conf" file and add the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
print-time yes;print-severity yes;
print-category yes;
};
category category_name { local_file_channel; };
};

Restart the BIND 9.x process.

The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.

Description

Remediation - Manual Procedure