Enabling DNS Logging for Windows Server
To turn on DNS logging for a Microsoft Windows Server which is functioning as a DNS server, take the following steps:
If you wish to delete an existing log file that is in use and start a new one, right-click on the DNS server in the DNS Manager window, select All Tasks, then Stop. You can then move or delete the log file, right-click on the DNS server again, select All Tasks, then Start to restart logging.
When you check the log file, entries will appear such as the following:
The entries above show the system with IP address 192.168.0.42 queried the DNS server for the address of imap-mail.outlook.com. The Windows Server 2012 DNS server did not know the IP address, so it in turn queried a DNS forwarder system at 10.255.176.137. It received a response from the DNS forwarder and returned the response to the system at 192.168.0.42. The numbers you see for
A valuable and free tool which can aid you in examining Microsoft Windows DNS log files is Windows DNS Log Analyser or you can use one of the DNS Centric tools (created by Networkstr.com) to convert the 'dns.log' file into CVS with Convert Microsoft DNS Debug File to CSV Table Format.
The Microsoft Windows DNS Debug log file has a limited size of 500 MB or 1GB maximum (depending on the Operating System version). Whenever this file is full and it reaches the maximum size, the Windows DNS server will stop writing new logs to the file, hence a manually intervention is required to continuo the logging process.
One of the DNS Centric tools "Auto Archive DNS Debug Logs" solves this problem by creating an automatic backups based on user specified parameters such as recurring intervals, time, and/or file size threshold, which will archive the existing log file and create a new empty log file automatically for the new DNS Debug log messages.
DNS Related Tools and Articles:
Donate - Support Networkstr
Support Networkstr.com to continuo being online!
Help us build these products:
Thank You for your support!