What is DNS logging?


DNS logging captures detailed DNS traffic, i.e., all data passing through a DNS server. It helps system administrators resolve DNS errors and identify and mitigate attempts to attack the DNS infrastructure.

DNS clients generate logs too, such as records of the queries a client sends to a server. However, DNS server logs are often of higher value than DNS client logs. Attackers use DNS for many malicious activities, like data theft, Denial of Service, or Command and Control attacks. Therefore, DNS monitoring is crucial to detect the onset of such attacks and take action promptly.
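The data-theft case mentioned above is one that DNS server query logs can surface. The following is an added example, not code from the original page or from NXLog: it groups queries by client and parent domain and flags pairs with several distinct long, high-entropy subdomains. The log format, the thresholds, and the names `find_tunnel_candidates` and `entropy` are assumptions, and the sample lines are constructed.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS server query log (assumed format, not a real product's):
# "timestamp client_ip qtype qname rcode"
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 192.0.2.10 A www.example.com NOERROR
2024-05-01T10:00:02Z 192.0.2.23 TXT q7x2m9kd4ztp1w8vr5hj3n.tunnel.example NOERROR
2024-05-01T10:00:03Z 192.0.2.23 TXT b6yf0c8sl2ge7ua4io9qx1.tunnel.example NOERROR
2024-05-01T10:00:04Z 192.0.2.10 A aaaaaaaaaaaaaaaaaaaaaaaa.cdn.example.net NOERROR
2024-05-01T10:00:05Z 192.0.2.23 TXT t3kw5nz8hp2rv6dm1jc9xq.tunnel.example NOERROR
2024-05-01T10:00:06Z 192.0.2.10 A t3kw5nz8hp2rv6dm1jc9xq.assets.example.org NOERROR
"""


def entropy(text):
    """Shannon entropy of a string, in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())


def find_tunnel_candidates(log, min_unique=3, min_len=20, min_entropy=3.5):
    """Return {(client, parent_domain): count} of distinct long, random-looking
    subdomains, for pairs that reach min_unique. Thresholds are illustrative."""
    seen = defaultdict(set)
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed lines
        _ts, client, _qtype, qname, _rcode = fields
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue  # no subdomain part to carry data
        # Simplification: treat the last two labels as the registered domain.
        parent = ".".join(labels[-2:])
        sub = "".join(labels[:-2])
        if len(sub) >= min_len and entropy(sub) >= min_entropy:
            seen[(client, parent)].add(sub)
    return {key: len(subs) for key, subs in seen.items() if len(subs) >= min_unique}


if __name__ == "__main__":
    for (client, parent), count in find_tunnel_candidates(SAMPLE_LOG).items():
        print(f"{client} sent {count} distinct encoded-looking names under {parent}")
```

A single long random-looking name, such as a CDN asset hostname, stays below the `min_unique` threshold, which keeps ordinary traffic from being flagged.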

DNS logging can be complex. Therefore, system administrators must know which logs are essential and where to find them to build an effective log collection strategy. DNS logs from different sources contain different information. With a little exaggeration, getting DNS logging right can be considered a profession of its own.

DNS logs provide a wealth of information; if used well, they are one of the most valuable log sources. Moreover, they are a real weapon for commanding your network. Given the importance of DNS logging, we provide several guides, tutorials, and dedicated NXLog modules to collect every type of DNS log.

