[Pdns-users] PowerDNS Authoritative 4.6.2, how to log served responses (i.e. NOERROR, NXDOMAIN, SERVFAIL, etc)?

Otto Moerbeek otto at drijf.net
Wed Jun 15 06:17:32 UTC 2022 

Hello,

Network sniffing based logging is one option.  Additionally, PowerDNS
Recursor itzelf can log client queries and/or repsonses using
protobufs. It also can log outgoing queries and/or their responses in
dnstap format.

Both methods can handle large query loads.

See https://docs.powerdns.com/recursor/lua-config/protobuf.html

dnsdist also has various options for logging.

	-Otto

On Tue, Jun 14, 2022 at 08:10:20PM +0200, Klaus Darilion via Pdns-users wrote:

> Hi Dmitriy!
> 
> Recently we had a similar requirement for our resolvers (which only do query logging, not response logging) and we decided to use packetbeat for this purpose. IT should be easy to integrate if you have an existing Elasic Search cluster!
> 
> regards
> Klaus
> 
> Von: Pdns-users <pdns-users-bounces at mailman.powerdns.com> Im Auftrag von frank+pdns--- via Pdns-users
> Gesendet: Dienstag, 14. Juni 2022 15:23
> An: Dmitriy Koff <irishman407 at gmail.com>
> Cc: pdns-users-ml <pdns-users at mailman.powerdns.com>
> Betreff: Re: [Pdns-users] PowerDNS Authoritative 4.6.2, how to log served responses (i.e. NOERROR, NXDOMAIN, SERVFAIL, etc)?
> 
> Hi Dmitriy,
> 
> https://doc.powerdns.com/authoritative/settings.html#log-dns-queries states that it logs "all incoming DNS queries", not the results.
> 
> If you want to log the results, you'll need to either increase the loglevel, tcpdump the results and parse those, or add something in front of the server (eg dnsdist) where you'd capture the result codes and log.
> 
> Frank
> 
> 
> 
> 
> On 14 Jun 2022, at 13:38, Dmitriy Koff via Pdns-users <pdns-users at mailman.powerdns.com<mailto:pdns-users at mailman.powerdns.com>> wrote:
> 
> Hello!
> 
> I'm trying to configure log for PowerDNS (4.6.2) and cannot figure how to log served responses (i.e. NOERROR, NXDOMAIN, SERVFAIL, etc)
> /etc/pdns/pdns.conf (parameters regarding logs)
> loglevel=5
> log-dns-details=yes
> log-dns-queries=yes
> query-logging=no
> 
> # nslookup example.com<http://example.com/> 127.0.0.1
> Server:         127.0.0.1
> Address:        127.0.0.1#53
> ** server can't find example.com<http://example.com/>: NXDOMAIN
> 
> All i've got in log is packetcache status of request (miss or hit) --
> "Remote 127.0.0.1 wants 'example.com<http://example.com/>|A', do = 0, bufsize = 512: packetcache MISS"
> 
> Expected something like
> "Remote 127.0.0.1 wants 'example.com<http://example.com/>|A', do = 0, bufsize = 512: packetcache MISS, NXDOMAIN"
> 
> Thanks in advance.
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com<mailto:Pdns-users at mailman.powerdns.com>
> https://mailman.powerdns.com/mailman/listinfo/pdns-users

> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users

More information about the Pdns-users mailing list