Sign in with
Sign up | Sign in
Your question

DNS logging question (Newbie)

Last response: in Windows 2000/NT
Share
Anonymous
April 6, 2005 4:29:20 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Hi, I need help to set up logging on a DNS server. I've (truly) read the
help files and I still don't get it ;-)
What I want to do is to have the DNS server log all queries to a text file.
I want all queries from all (3) clients to be logged. I would also like to
have a way to "pipe" this to the screen, just like you can "tail" a logfile
if you use Linux. Is this possible to do? That is to redirect output to
screen (black little window is OK)?
Any help appreciated.
Pete
Anonymous
April 6, 2005 4:29:21 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:ACQ4e.4689$4c.606952@juliett.dax.net,
Lordosis <poppers2000@hotmail.com> commented
Then Kevin replied below:
> Hi, I need help to set up logging on a DNS server. I've
> (truly) read the help files and I still don't get it ;-)
> What I want to do is to have the DNS server log all
> queries to a text file. I want all queries from all (3)
> clients to be logged. I would also like to have a way to
> "pipe" this to the screen, just like you can "tail" a
> logfile if you use Linux. Is this possible to do? That is
> to redirect output to screen (black little window is OK)?
> Any help appreciated.
> Pete

DNS can log all queries using advanced logging, I'm sure you can
programatically pipe it to an application if you can program an app to do
it.
That said, DNS is normally a read only application and can handle hundreds
of queries per second, but if it has to write the queries to a log, it will
slow it considerably and make it too slow to keep up the pace.
Advanced logging is intended for short term diagnosing of DNS problems and
should never be used long term, just to see what queries DNS is getting.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Anonymous
April 7, 2005 10:36:59 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin D. Goodknecht Sr. [MVP] wrote:

> In news:ACQ4e.4689$4c.606952@juliett.dax.net,
> Lordosis <poppers2000@hotmail.com> commented
> Then Kevin replied below:
>> Hi, I need help to set up logging on a DNS server. I've
>> (truly) read the help files and I still don't get it ;-)
>> What I want to do is to have the DNS server log all
>> queries to a text file. I want all queries from all (3)
>> clients to be logged. I would also like to have a way to
>> "pipe" this to the screen, just like you can "tail" a
>> logfile if you use Linux. Is this possible to do? That is
>> to redirect output to screen (black little window is OK)?
>> Any help appreciated.
>> Pete
>
> DNS can log all queries using advanced logging, I'm sure you can
> programatically pipe it to an application if you can program an app to do
> it.
> That said, DNS is normally a read only application and can handle hundreds
> of queries per second, but if it has to write the queries to a log, it
> will slow it considerably and make it too slow to keep up the pace.
> Advanced logging is intended for short term diagnosing of DNS problems and
> should never be used long term, just to see what queries DNS is getting.
>
Well, I understand that it should not run debugging over a long period of
time, but I want to do this for a while even if it slows down my DNS to a
crawl :-)
How do I turn on this logging at all? I tried to check Queries, Questions,
Answers, TCP and UDP, but absolutely nothing shows up in the DNS log. I
tried to restart the service, nothing in the log. I tried to check all
possibilities, restarted DNS an still nothing in the log?! The "piping to
screen" can wait, but how do I get a log of which queries are sent and
resolved? The network is working, URLs are resolved and pages from the web
are loading so DNS must be working.
Pete (slightly confused)...
Related resources
Can't find your answer ? Ask !
Anonymous
April 7, 2005 2:55:14 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Lordosis wrote:
> Kevin D. Goodknecht Sr. [MVP] wrote:
>
>> In news:ACQ4e.4689$4c.606952@juliett.dax.net,
>> Lordosis <poppers2000@hotmail.com> commented
>> Then Kevin replied below:
>>> Hi, I need help to set up logging on a DNS server. I've
>>> (truly) read the help files and I still don't get it ;-)
>>> What I want to do is to have the DNS server log all
>>> queries to a text file. I want all queries from all (3)
>>> clients to be logged. I would also like to have a way to
>>> "pipe" this to the screen, just like you can "tail" a
>>> logfile if you use Linux. Is this possible to do? That is
>>> to redirect output to screen (black little window is OK)?
>>> Any help appreciated.
>>> Pete
>>
>> DNS can log all queries using advanced logging, I'm sure you can
>> programatically pipe it to an application if you can program an app
>> to do it.
>> That said, DNS is normally a read only application and can handle
>> hundreds of queries per second, but if it has to write the queries
>> to a log, it will slow it considerably and make it too slow to keep
>> up the pace. Advanced logging is intended for short term diagnosing
>> of DNS problems and should never be used long term, just to see what
>> queries DNS is getting.
>>
> Well, I understand that it should not run debugging over a long
> period of time, but I want to do this for a while even if it slows
> down my DNS to a crawl :-)
> How do I turn on this logging at all? I tried to check Queries,
> Questions, Answers, TCP and UDP, but absolutely nothing shows up in
> the DNS log. I tried to restart the service, nothing in the log. I
> tried to check all possibilities, restarted DNS an still nothing in
> the log?! The "piping to screen" can wait, but how do I get a log of
> which queries are sent and resolved? The network is working, URLs are
> resolved and pages from the web are loading so DNS must be working.
> Pete (slightly confused)...

In the DNS Management console, right click on the DNS server name, choose
properties, select the logging tab.
The log is in the %systemroot%\system32\dns directory


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Anonymous
April 8, 2005 10:18:57 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin D. Goodknecht Sr. [MVP] wrote:

> Lordosis wrote:
>> Kevin D. Goodknecht Sr. [MVP] wrote:
>>
>>> In news:ACQ4e.4689$4c.606952@juliett.dax.net,
>>> Lordosis <poppers2000@hotmail.com> commented
>>> Then Kevin replied below:
>>>> Hi, I need help to set up logging on a DNS server. I've
>>>> (truly) read the help files and I still don't get it ;-)
>>>> What I want to do is to have the DNS server log all
>>>> queries to a text file. I want all queries from all (3)
>>>> clients to be logged. I would also like to have a way to
>>>> "pipe" this to the screen, just like you can "tail" a
>>>> logfile if you use Linux. Is this possible to do? That is
>>>> to redirect output to screen (black little window is OK)?
>>>> Any help appreciated.
>>>> Pete
>>>
>>> DNS can log all queries using advanced logging, I'm sure you can
>>> programatically pipe it to an application if you can program an app
>>> to do it.
>>> That said, DNS is normally a read only application and can handle
>>> hundreds of queries per second, but if it has to write the queries
>>> to a log, it will slow it considerably and make it too slow to keep
>>> up the pace. Advanced logging is intended for short term diagnosing
>>> of DNS problems and should never be used long term, just to see what
>>> queries DNS is getting.
>>>
>> Well, I understand that it should not run debugging over a long
>> period of time, but I want to do this for a while even if it slows
>> down my DNS to a crawl :-)
>> How do I turn on this logging at all? I tried to check Queries,
>> Questions, Answers, TCP and UDP, but absolutely nothing shows up in
>> the DNS log. I tried to restart the service, nothing in the log. I
>> tried to check all possibilities, restarted DNS an still nothing in
>> the log?! The "piping to screen" can wait, but how do I get a log of
>> which queries are sent and resolved? The network is working, URLs are
>> resolved and pages from the web are loading so DNS must be working.
>> Pete (slightly confused)...
>
> In the DNS Management console, right click on the DNS server name, choose
> properties, select the logging tab.
> The log is in the %systemroot%\system32\dns directory
>
>
> --?
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
Thanks for your advice, but this is still not working. I tried to
right-click the server name, went to logging, checked all possibilities and
restarted the DNS service. The network had a lot of traffic over several
hours, resolving hundreds of URLs. still the winnt/system32/dns/dns.log has
0 bytes. The two other files there (cache.dns & 1.1.10.in-addr.arpa) are
not 0 bytes, but there is no record of queries being solved. I then checked
that the clients do not have any other DNS servers showing up in
ipconfig /all, and they all point to 10.1.1.1, which is the fixed IP adress
of the DNS server.
I was thinking that maybe my DNS simply forwards everything to the ISPs DNS
server, and therefore all resolving is done there? How can I find out for
certain if this is the case?
Thanx!
Anonymous
April 8, 2005 5:44:53 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

What happens if you try to ping something inside your network by fqdn?

"Lordosis" <poppers2000@hotmail.com> wrote in message
news:lnp5e.4807$4c.620000@juliett.dax.net...
> Kevin D. Goodknecht Sr. [MVP] wrote:
>
>> Lordosis wrote:
>>> Kevin D. Goodknecht Sr. [MVP] wrote:
>>>
>>>> In news:ACQ4e.4689$4c.606952@juliett.dax.net,
>>>> Lordosis <poppers2000@hotmail.com> commented
>>>> Then Kevin replied below:
>>>>> Hi, I need help to set up logging on a DNS server. I've
>>>>> (truly) read the help files and I still don't get it ;-)
>>>>> What I want to do is to have the DNS server log all
>>>>> queries to a text file. I want all queries from all (3)
>>>>> clients to be logged. I would also like to have a way to
>>>>> "pipe" this to the screen, just like you can "tail" a
>>>>> logfile if you use Linux. Is this possible to do? That is
>>>>> to redirect output to screen (black little window is OK)?
>>>>> Any help appreciated.
>>>>> Pete
>>>>
>>>> DNS can log all queries using advanced logging, I'm sure you can
>>>> programatically pipe it to an application if you can program an app
>>>> to do it.
>>>> That said, DNS is normally a read only application and can handle
>>>> hundreds of queries per second, but if it has to write the queries
>>>> to a log, it will slow it considerably and make it too slow to keep
>>>> up the pace. Advanced logging is intended for short term diagnosing
>>>> of DNS problems and should never be used long term, just to see what
>>>> queries DNS is getting.
>>>>
>>> Well, I understand that it should not run debugging over a long
>>> period of time, but I want to do this for a while even if it slows
>>> down my DNS to a crawl :-)
>>> How do I turn on this logging at all? I tried to check Queries,
>>> Questions, Answers, TCP and UDP, but absolutely nothing shows up in
>>> the DNS log. I tried to restart the service, nothing in the log. I
>>> tried to check all possibilities, restarted DNS an still nothing in
>>> the log?! The "piping to screen" can wait, but how do I get a log of
>>> which queries are sent and resolved? The network is working, URLs are
>>> resolved and pages from the web are loading so DNS must be working.
>>> Pete (slightly confused)...
>>
>> In the DNS Management console, right click on the DNS server name, choose
>> properties, select the logging tab.
>> The log is in the %systemroot%\system32\dns directory
>>
>>
>> --?
>> Best regards,
>> Kevin D4 Dad Goodknecht Sr. [MVP]
>> Hope This Helps
>> ===================================
>> When responding to posts, please "Reply to Group"
>> via your newsreader so that others may learn and
>> benefit from your issue, to respond directly to
>> me remove the nospam. from my email address.
>> ===================================
>> http://www.lonestaramerica.com/
>> ===================================
>> Use Outlook Express?... Get OE_Quotefix:
>> It will strip signature out and more
>> http://home.in.tum.de/~jain/software/oe-quotefix/
>> ===================================
>> Keep a back up of your OE settings and folders
>> with OEBackup:
>> http://www.oehelp.com/OEBackup/Default.aspx
>> ===================================
> Thanks for your advice, but this is still not working. I tried to
> right-click the server name, went to logging, checked all possibilities
> and
> restarted the DNS service. The network had a lot of traffic over several
> hours, resolving hundreds of URLs. still the winnt/system32/dns/dns.log
> has
> 0 bytes. The two other files there (cache.dns & 1.1.10.in-addr.arpa) are
> not 0 bytes, but there is no record of queries being solved. I then
> checked
> that the clients do not have any other DNS servers showing up in
> ipconfig /all, and they all point to 10.1.1.1, which is the fixed IP
> adress
> of the DNS server.
> I was thinking that maybe my DNS simply forwards everything to the ISPs
> DNS
> server, and therefore all resolving is done there? How can I find out for
> certain if this is the case?
> Thanx!
Anonymous
April 11, 2005 2:13:03 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Ken B wrote:

> What happens if you try to ping something inside your network by fqdn?
>
> "Lordosis" <poppers2000@hotmail.com> wrote in message
> news:lnp5e.4807$4c.620000@juliett.dax.net...
>> Kevin D. Goodknecht Sr. [MVP] wrote:
>>
>>> Lordosis wrote:
>>>> Kevin D. Goodknecht Sr. [MVP] wrote:
>>>>
>>>>> In news:ACQ4e.4689$4c.606952@juliett.dax.net,
>>>>> Lordosis <poppers2000@hotmail.com> commented
>>>>> Then Kevin replied below:
>>>>>> Hi, I need help to set up logging on a DNS server. I've
>>>>>> (truly) read the help files and I still don't get it ;-)
>>>>>> What I want to do is to have the DNS server log all
>>>>>> queries to a text file. I want all queries from all (3)
>>>>>> clients to be logged. I would also like to have a way to
>>>>>> "pipe" this to the screen, just like you can "tail" a
>>>>>> logfile if you use Linux. Is this possible to do? That is
>>>>>> to redirect output to screen (black little window is OK)?
>>>>>> Any help appreciated.
>>>>>> Pete
>>>>>
>>>>> DNS can log all queries using advanced logging, I'm sure you can
>>>>> programatically pipe it to an application if you can program an app
>>>>> to do it.
>>>>> That said, DNS is normally a read only application and can handle
>>>>> hundreds of queries per second, but if it has to write the queries
>>>>> to a log, it will slow it considerably and make it too slow to keep
>>>>> up the pace. Advanced logging is intended for short term diagnosing
>>>>> of DNS problems and should never be used long term, just to see what
>>>>> queries DNS is getting.
>>>>>
>>>> Well, I understand that it should not run debugging over a long
>>>> period of time, but I want to do this for a while even if it slows
>>>> down my DNS to a crawl :-)
>>>> How do I turn on this logging at all? I tried to check Queries,
>>>> Questions, Answers, TCP and UDP, but absolutely nothing shows up in
>>>> the DNS log. I tried to restart the service, nothing in the log. I
>>>> tried to check all possibilities, restarted DNS an still nothing in
>>>> the log?! The "piping to screen" can wait, but how do I get a log of
>>>> which queries are sent and resolved? The network is working, URLs are
>>>> resolved and pages from the web are loading so DNS must be working.
>>>> Pete (slightly confused)...
>>>
>>> In the DNS Management console, right click on the DNS server name,
>>> choose properties, select the logging tab.
>>> The log is in the %systemroot%\system32\dns directory
>>>
>>>
>>> --?
>>> Best regards,
>>> Kevin D4 Dad Goodknecht Sr. [MVP]
>>> Hope This Helps
>>> ===================================
>>> When responding to posts, please "Reply to Group"
>>> via your newsreader so that others may learn and
>>> benefit from your issue, to respond directly to
>>> me remove the nospam. from my email address.
>>> ===================================
>>> http://www.lonestaramerica.com/
>>> ===================================
>>> Use Outlook Express?... Get OE_Quotefix:
>>> It will strip signature out and more
>>> http://home.in.tum.de/~jain/software/oe-quotefix/
>>> ===================================
>>> Keep a back up of your OE settings and folders
>>> with OEBackup:
>>> http://www.oehelp.com/OEBackup/Default.aspx
>>> ===================================
>> Thanks for your advice, but this is still not working. I tried to
>> right-click the server name, went to logging, checked all possibilities
>> and
>> restarted the DNS service. The network had a lot of traffic over several
>> hours, resolving hundreds of URLs. still the winnt/system32/dns/dns.log
>> has
>> 0 bytes. The two other files there (cache.dns & 1.1.10.in-addr.arpa) are
>> not 0 bytes, but there is no record of queries being solved. I then
>> checked
>> that the clients do not have any other DNS servers showing up in
>> ipconfig /all, and they all point to 10.1.1.1, which is the fixed IP
>> adress
>> of the DNS server.
>> I was thinking that maybe my DNS simply forwards everything to the ISPs
>> DNS
>> server, and therefore all resolving is done there? How can I find out for
>> certain if this is the case?
>> Thanx!
I get an answer if I ping by hostname and ig I ping by FQDN and if I ping by
IP adress. Name resolution seems to work...
!