Querylogging - BlueCat Address Manager - 8.2.0

Address Manager Administration Guide

prodname
BlueCat Address Manager
version_custom
8.2.0

DNS/DHCP Server includes a powerful channel logging feature that creates detailed DNS logs according to the settings that you specify. Querylogging is disabled by default on DNS/DHCP Server appliances and virtual machines. You can configure channel logging in Querylogging Configuration mode.

Logs can record various errors, warnings, notices, and other types of information as the DNS service runs. Logs are divided into channels. Each channel records a particular event category at a particular severity level, and then outputs its contents to a log file. For example, you can configure a channel to record query events. If required, DNS/DHCP Server can mark each log entry with its time, severity, and category (these are optional).

To view the status of log channels on the DNS Server, use show querylogging from Main Session mode.

Adonis> show querylogging
State = Enable
Channel: example
    File = example.txt
    Size = 3m
    Severity = error
    Category = database, default, queries, security
    Print-severity = Yes
Press Tab to view a list of available commands, or type ? to view a description of each available item:
  • Add—add a channel for querylogging.
  • Disable—disable querylogging.
  • Enable—enable querylogging.
  • Exit—exit from querylogging configuration mode and check for any unsaved changes.
  • Help—display help information
  • History—display the current session’s command line history.
  • Modify—edit a querylogging channel.
  • Remove—delete a querylogging channel.
  • Show—display querylogging details.

Limitation

Restarting DNS Service on a managed DNS/DHCP Server will automatically disable querylogging on the managed server. However, if you have enabled ArcSight or QRadar, the state of querylogging will be preserved upon restart of DNS Service.