07-27-2016 08:55 AM - edited 07-27-2016 08:56 AM
Today while randomly checking our busiest DNS server by using command show log /rpz/ i happen to see the following logs,
2016-07-27T15:22:45+00:00 daemon ib-sc9-ns1.vmware.com named: info rpz: CEF:0|Infoblox|NIOS|7.1.4-290316|RPZ-QNAME|Local-Data|7|app=DNS dst=10.113.61.110 src=10.113.208.39 spt=41428 view=72 qtype=A msg="rpz QNAME Local-Data rewrite mail-bitech.dyndns.org [A] via mail-bitech.dyndns.org.sinkhole"
/usr/bin/tail: `/var/log/messages' has become inaccessible: No such file or directory
/usr/bin/tail: `/var/log/messages' has become accessible
2016-07-27T15:23:00+00:00 daemon ib-sc9-ns1.vmware.com named: info rpz: CEF:0|Infoblox|NIOS|7.1.4-290316|RPZ-QNAME|NODATA|7|app=DNS dst=10.113.61.110 src=10.113.161.110 spt=53 view=72 qtype=AAAA msg="rpz QNAME NODATA rewrite tracker.coppersurfer.tk [AAAA] via tracker.coppersurfer.tk.sinkhole"
Are these any kindof trouble makers or is it showing signs of a mojor upcoming issue? Any idea?
07-27-2016 10:20 AM
It is highly probable this message is caused by the log file beeing rotated when you were looking at it.
I'd say it is not an issue as it but if it happens often it might indicates your are logging to much data, hence rotating often, which could have an impact on performances.