DNS (Domain Name System)
- Description
-
A service that translates host and domain names into IP addresses. Clients send requests to the local DNS server, which in turn communicates with root and top-level domain servers, to resolve the IP address for a given name.
DNS servers create detailed DNS traffic logging. It helps system administrators troubleshoot DNS errors or identify attempts to attack the DNS infrastructure. DNS clients also record client DNS queries to a server. However, DNS server logs are often of higher value than DNS client logs, since they can help identify malicious activity, such as Denial of Service (DoS) and Command and Control attacks.
Given the importance of DNS logging, we provide several guides, tutorials, and dedicated NXLog Agent modules to collect all types of DNS telemetry data.
- See also
-
Collect logs from BIND 9 DNS Server
Collect logs from Windows DNS Server
Passive DNS monitoring
The Importance of DNS Logging in Enterprise Security
The disappearing Windows DNS debug log
Top 5 security concerns revealed with DNS logging
DNS Log Collection and Parsing
DNS Log Collection on Windows
DNS Log Collection on Linux