FreeBSD: Install bindgraph To Make Graphs About Queries Sent To BIND

last updated in Categories , , , , , , ,

How do I install bindgraph to make pretty query statistics about my BIND server running FreeBSD Unix operating system?

Bindgraph was derived from well-known mailgraph package. It is a tool that makes pretty graphs about queries (such as A, MX, AAAA, TXT and so on) sent to your BIND name server. It will create graph for:[donotprint][/donotprint]


  1. Last Hours Graph
  2. Day Graph
  3. Week Graph
  4. Month Graph
  5. Year Graph

There are two steps to create graphs:

a] You need enable query logging under bind by updating named.conf file itself. You can log queries to /var/log/query.log file.

b] Create bindgraph.rrd database by enabling bindgraph service.

Step 1: Install bindgraph

Type the following commands to install bindgraph via the port:
# portsnap fetch update
# cd /usr/ports/dns/bindgraph/
# make install clean

Or use the following command to install binary package:
# pkg install dns/bindgraph

Step 2: Configure BIND (named) logging

Open named.conf file, enter:
# vi /etc/namedb/named.conf
Append something as follows to logging options:
channel "querylog" { file "/var/log/query.log"; print-time yes; };
category queries { querylog; };

Here is my sample logging entry:

# Configure the logging options
logging {
    channel security_channel {
        # Send log messages to the specified file
        file            "/var/log/security.log";
        # Log all messages
        severity        debug;
        # Log the date and time of the message
        print-time      yes;
        # Log the category of the message
        print-category  yes;
        # Log the severity level of the message
        print-severity  yes; 
    channel default {
        # Send logs to the syslog 'local0' facility
        syslog          local0;
        # Log messages of severity 'info' or higher
        severity        info;
        print-category  yes;
        print-severity  yes;
    # Logs about approval and denial of requests
    category security {
    # Ignore logs about misconfigured remote servers
    category lame-servers { null; };
    # Default logging options
    category default { default; };
   channel "querylog" { file "/var/log/query.log"; print-time yes; };
   category queries { querylog; };

Save and close the file. Restart bind server, run:
# /etc/rc.d/named restart

Step 3: Configure bindgraph

Enable bindgraph service, enter:
echo 'bindgraph_enable="YES"' >> /etc/rc.conf
Finally, start bindgraph, enter:
# /usr/local/etc/rc.d/bindgraph start

Step 4: How do I view bindgrap rrd graphs?

By default Perl cgi script is installed at /usr/local/www/cgi-bin/bindgraph.cgi location. You can use the same or copy the script to your cgi-bin location. You also need to configure Apache or other web server to run Perl via cgi-bin. Once done, fire up a webbrowser and type the url
You should see sample graphs:

BIND DNS Queries - bindgraph in action
Fig:01 BIND DNS Queries: Bindgraph In Action

BIND DNS Queries Day Grap
Fig.02: BIND DNS Queries Day Grap

You can download the latest source code visiting this url.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


6 comment

  1. b] Create bindgraph.rrd database by enabling bindgraph service.

    how create database?

    // I have 500 – Internal Server Error
    # rrdtool create bindgraph.rrd –start 09:35 –step 600 DS:bind:COUNTER:600:U:U RRA:MAX:0.5:1:600

    sorry for my english

  2. Is there a way to get this to work on a Debian system? I have been at it for more than a few hours and can’t seem to get any graphs to show up.

  3. Hi, I’m using rhel 5.1, “bind-9.3.6-25.P1.el5_11.3”. Can anyone share me the link from where I can download the bindgraph package

Leave a Comment