MaraDNS: Logging

david sevilla dsevilla00 at hotmail.com
Wed May 12 08:36:56 EDT 2010


Charles,Do you really want to do that?I've taken wireshark traces when opening a simple website like yahoo.com and you would be surprised at the number of DNS queries (a lot of them for the advertising crap).So,1-You may be misled to think that your "users" are visiting a lot of websites2-it may be too much work for you if you want to do anything meaningful with the data
This is all of course in my non-expert, honest opinion.

> Date: Wed, 12 May 2010 08:49:22 +0200
> From: remco at webconquest.com
> To: list at maradns.org
> Subject: Re: MaraDNS: Logging
> 
> Charles Bray wrote:
> > I am sure this must be a common question... please excuse I am a newbie sysadmin.
> > 
> > We are using OpenDNS for filtering web content at our small office, but we need per-user (even just ip address) reporting.  OpenDNS can not do this since we are behind a NAT.
> > 
> > Can MaraDNS be used to sit between our users and the OpenDNS service, and simply spit out a nice log file of which local IP addresses requested what DNS names?
> 
> Hi Charles,
> 
> Put the following in your mararc file:
> 
> verbose_level = 3
> 
> This will log all queries received. You'll have to do some parsing of
> the logfile yourself to extract meaningful information, but it should
> return lines like:
> 
> May 12 02:48:23 sevensisters maradns.etc_maradns_mararc: Query from:
> 194.30.0.1 Aaurora.webconquest.com.
> May 12 02:48:23 sevensisters maradns.etc_maradns_mararc:  Log: Message
> received, processing
> May 12 02:48:29 sevensisters maradns.etc_maradns_mararc: Query from:
> 194.30.0.1 Uaurora.webconquest.com.
> May 12 02:48:29 sevensisters maradns.etc_maradns_mararc:  Log: Message
> received, processing
> 
> I hope this helps.
> 
> Kind regards,
> 
> Remco
> 
> 
> 
 		 	   		  
_________________________________________________________________
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4


More information about the list mailing list