From: Tomas Krizek <tomas.krizek@nic.cz>
Date: Wed, 15 Dec 2021 15:27:21 +0000 (+0100)
Subject: doc: add mention about policy debug logging near RPZ
X-Git-Tag: v5.5.0~25^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f41ee8c3377ca84bffca35bef12cd15422efa6f0;p=thirdparty%2Fknot-resolver.git

doc: add mention about policy debug logging near RPZ
---

diff --git a/modules/policy/README.rst b/modules/policy/README.rst
index a769a6921..176ff1638 100644
--- a/modules/policy/README.rst
+++ b/modules/policy/README.rst
@@ -640,6 +640,15 @@ Response policy zones
   .. [#] Our :any:`policy.DROP` returns *SERVFAIL* answer (for historical reasons).
 
 
+  .. note::
+
+     To debug which domains are affected by RPZ (or other policy actions), you can enable the ``policy`` log group:
+
+     .. code-block:: lua
+
+        log_groups({'policy'})
+
+
 .. function:: rpz(action, path, [watch = true])
 
   :param action: the default action for match in the zone; typically you want :any:`policy.DENY`