Need help on DNS reporter
wllarso.dns
wllarso.dns at gmail.com
Mon Mar 21 18:12:09 UTC 2011
What's more open source than a one line shell script? It is too simple to spend the time packaging it for rh linux.
Try running this against your query logs to see if it does what you want then tweak it as needed.
If all else fails look at DNSTOP. Simple single purpose tool that may fit your need, depending on what your need is. Don't know if is is packaged specificly for linux but building from source is easy.
Sent from Garminfone by T-Mobile.
babu dheen <babudheen at yahoo.co.in> wrote:
>Hi,
>
>Actually i am looking for open source software which can be installed on redhat linux BIND server to geneerate report from the DNS logs.
>
>Regards
>Papdheen M
>
>--- On Sun, 20/3/11, Warren Kumari <warren at kumari.net> wrote:
>
>
>From: Warren Kumari <warren at kumari.net>
>Subject: Re: Need help on DNS reporter
>To: "babu dheen" <babudheen at yahoo.co.in>
>Cc: "terry" <terry at list.dnsbed.com>, bind-users at lists.isc.org
>Date: Sunday, 20 March, 2011, 8:10 PM
>
>
>Enable query logging, then:
>
>cat queries.log | grep 'query: example.com' | awk '{print $6}' | sed 's/#.*//' | sort -n | uniq -c | sort -rn | head -100 | more
>
>
>or something similar?
>
>W
>
>On Mar 20, 2011, at 10:09 AM, babu dheen wrote:
>
>> Hi,
>>
>> I am getting below status on this command.. Only internal DNS servers are allowed to query our gateway DNS server as client.
>>
>> number of zones: 12
>> debug level: 0
>> xfers running: 0
>> xfers deferred: 0
>> soa queries in progress: 0
>> query logging is ON
>> recursive clients: 1/1000
>> tcp clients: 0/100
>> server is up and running
>>
>>
>> --- On Sun, 20/3/11, terry <terry at list.dnsbed.com> wrote:
>>
>> From: terry <terry at list.dnsbed.com>
>> Subject: Re: Need help on DNS reporter
>> To: "babu dheen" <babudheen at yahoo.co.in>
>> Cc: bind-users at lists.isc.org
>> Date: Sunday, 20 March, 2011, 12:42 PM
>>
>> How will "rndc status" take something good for you?
>>
>>
>>
>> 2011/3/20 babu dheen <babudheen at yahoo.co.in>
>> Hi,
>>
>> Can anyone let me know is there any open source software available to generate report for DNS service based on DNS BIND query logs.
>>
>> We have BIND DNS running RHEL 5.0. Would like to generate report based on its logs so that we can identify list of clients quering external domains and its query count.
>>
>> Many clients in our company infected with malware which thus send unnecessary query to remote external domain (non available domain). So if we have any software which can generate the report from DNS BIND logs, will be very helpful.
>>
>>
>> Regards
>> Babu
>>
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>>
>>
>> --
>> www.DNSbed.com
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110321/b04837ef/attachment.html>
More information about the bind-users
mailing list