DNSSEC validation failure logging¶
This logs a message for each DNSSEC validation failure (on notice
logging level).
It is meant to provide hint to operators which queries should be
investigated using diagnostic tools like DNSViz.
Add following line to your configuration file to enable it:
logging:
dnssec-bogus: true
Example of error message logged:
[dnssec] validation failure: dnssec-failed.org. DNSKEY