DNS hit count on windows 2003 server
Hi,
We have our DNS running on windows server 2003 standard edition,
Is there any way i can see how much hits came on that DNS server during last specific period of time ?
Prompt response will be highly appreciated.
We have our DNS running on windows server 2003 standard edition,
Is there any way i can see how much hits came on that DNS server during last specific period of time ?
Prompt response will be highly appreciated.
by the way if you don't know about wireshark then wireshark is a free network packet analyzing utility !
ASKER
i can't use wireshark becasue.
1. it can be useful for a specific/planned time and couldn't run always due to huge log size output.
2. My management can anytime ask for these logs (present or historic) so wireshark is not a solution for me.
1. it can be useful for a specific/planned time and couldn't run always due to huge log size output.
2. My management can anytime ask for these logs (present or historic) so wireshark is not a solution for me.
Hi
2nd way is to enable Auditing for your DNS Zone
have a look to the Blog below for step by step guide (how to enable Auditing for a DNS Zone)
https://blogs.technet.com/b/yuridiogenes/archive/2008/03/06/auditing-a-dns-zone.aspx
2nd way is to enable Auditing for your DNS Zone
have a look to the Blog below for step by step guide (how to enable Auditing for a DNS Zone)
https://blogs.technet.com/b/yuridiogenes/archive/2008/03/06/auditing-a-dns-zone.aspx
You can use perfmon to monitor this. You can start a perfmon monitor and leave it running permanently.
start->perfmon, go to add counters, and under DNS, search for 'Total Query Received' or 'Total Query received/second'.
This will constantly consume disk space though so it's not a veyr good solution (only about 32KB per week or so though).
I'd recommend using Cacti, or a graphing tool that can query these stats and graph them for you over time, etc.
start->perfmon, go to add counters, and under DNS, search for 'Total Query Received' or 'Total Query received/second'.
This will constantly consume disk space though so it's not a veyr good solution (only about 32KB per week or so though).
I'd recommend using Cacti, or a graphing tool that can query these stats and graph them for you over time, etc.
ASKER
ddiazp
DNS counters have been configured as you suggested but the output log file having .blg format. how can i read the logs in blg file ? can't i get this into a plain text file ?
i dont want fancy/graphical report, only text data will suffice..
DNS counters have been configured as you suggested but the output log file having .blg format. how can i read the logs in blg file ? can't i get this into a plain text file ?
i dont want fancy/graphical report, only text data will suffice..
ASKER
i m getting logs in CSV after changing log file format to "Textfile:comma delimited" and configure file name ended with "mmddhhmm"
I am unable to understand below logs like 0 sounds logical that DNS didn't receive any query at that moment but what does "0.133350959" mean because query number either would be 0 or 1 or more than that.
\\server-name\DNS\Total Query Received/sec
0
0.133350959
0
0.066671168
0.200156868
I am unable to understand below logs like 0 sounds logical that DNS didn't receive any query at that moment but what does "0.133350959" mean because query number either would be 0 or 1 or more than that.
\\server-name\DNS\Total Query Received/sec
0
0.133350959
0
0.066671168
0.200156868
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Right-click the DNS server in the DNS MMC and select properties>Debug Logging
Select log packets for debugging and relevant options
Select log packets for debugging and relevant options
ASKER
Such a fantastic solution, thanks
use wireshark and just user filter to for DNS request between specific time
http://www.wireshark.org/news/20080204.html