monitoring/graphing/tracking named queries

McDonald, Daniel (Dan) Dan.McDonald at austinenergy.com
Fri Nov 13 22:52:30 UTC 2015



On 11/13/15, 4:46 PM, "bind-users-bounces at lists.isc.org on behalf of Frank
Even" <bind-users-bounces at lists.isc.org on behalf of
lists+isc.org at elitists.org> wrote:

>What does everyone do for monitoring their DNS traffic, if anything?

We feed the query-logs into Splunk, so they can be correlated with all of
the other network logs.

>I've come to a place where I need to have a good understanding of
>general capacity.  For example, how much traffic and types of traffic
>individual servers are handling.
>
>I'd also like to get a breakdown of raw # of queries, then types of
>queries, and in some cases, the top 20 "busiest hosts" and maybe what
>they are hitting the servers with.

Yup, all easily available from Splunk. And the logging is consistent for
all sorts of devices, so you only have to learn one log
parsing/reporting/cross-tabbing language.
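
The breakdown asked about in this thread (raw query count, queries by type, busiest clients and what they send), as an added example that is not part of the original message or of BIND or Splunk. It assumes the usual BIND 9 `queries` log line layout; the sample lines, the `summarize` function and its field names are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines; the layout is the assumed BIND 9 "queries" category format.
SAMPLE_LOG = """\
13-Nov-2015 16:46:01.101 queries: info: client 192.0.2.10#53211 (www.example.com): query: www.example.com IN A +E (192.0.2.1)
13-Nov-2015 16:46:01.250 queries: info: client 192.0.2.10#40112 (www.example.com): query: www.example.com IN AAAA +E (192.0.2.1)
13-Nov-2015 16:46:02.007 queries: info: client 192.0.2.25#61034 (example.com): query: example.com IN MX + (192.0.2.1)
13-Nov-2015 16:46:02.414 queries: info: client @0x7f3a4c0e8d10 2001:db8::7#50522 (mail.example.com): query: mail.example.com IN A +ED (192.0.2.1)
13-Nov-2015 16:46:03.090 general: info: zone example.com/IN: loaded serial 2015111301
13-Nov-2015 16:46:03.512 queries: info: client 192.0.2.10#53920 (10.2.0.192.in-addr.arpa): query: 10.2.0.192.in-addr.arpa IN PTR + (192.0.2.1)
"""

# Tolerates the optional "@0x..." client object id and "view NAME:" prefix
# that some BIND versions and configurations add to the line.
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<client>[^\s#]+)#\d+ "
    r"\((?P<qname>\S+)\): (?:view \S+: )?"
    r"query: \S+ (?P<qclass>\S+) (?P<qtype>\S+)"
)

def summarize(lines, top_n=20):
    """Return total queries, per-type counts and the top_n busiest clients."""
    by_type = Counter()
    by_client = Counter()
    types_by_client = defaultdict(Counter)
    skipped = 0
    for line in lines:
        m = QUERY_RE.search(line)
        if m is None:
            skipped += 1  # not a query line (other category, or truncated)
            continue
        by_type[m["qtype"]] += 1
        by_client[m["client"]] += 1
        types_by_client[m["client"]][m["qtype"]] += 1
    busiest = [(client, count, dict(types_by_client[client]))
               for client, count in by_client.most_common(top_n)]
    return {"total": sum(by_type.values()), "skipped": skipped,
            "by_type": dict(by_type), "busiest": busiest}

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG.splitlines())
    print("total queries:", report["total"], "| skipped lines:", report["skipped"])
    for qtype, count in sorted(report["by_type"].items(), key=lambda kv: -kv[1]):
        print(f"  {qtype:<5} {count}")
    for client, count, types in report["busiest"]:
        print(f"  {client:<15} {count}  {types}")
```
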


