MaraDNS: Logging
david sevilla
dsevilla00 at hotmail.com
Wed May 12 08:36:56 EDT 2010
Charles,Do you really want to do that?I've taken wireshark traces when opening a simple website like yahoo.com and you would be surprised at the number of DNS queries (a lot of them for the advertising crap).So,1-You may be misled to think that your "users" are visiting a lot of websites2-it may be too much work for you if you want to do anything meaningful with the data
This is all of course in my non-expert, honest opinion.
> Date: Wed, 12 May 2010 08:49:22 +0200
> From: remco at webconquest.com
> To: list at maradns.org
> Subject: Re: MaraDNS: Logging
>
> Charles Bray wrote:
> > I am sure this must be a common question... please excuse I am a newbie sysadmin.
> >
> > We are using OpenDNS for filtering web content at our small office, but we need per-user (even just ip address) reporting. OpenDNS can not do this since we are behind a NAT.
> >
> > Can MaraDNS be used to sit between our users and the OpenDNS service, and simply spit out a nice log file of which local IP addresses requested what DNS names?
>
> Hi Charles,
>
> Put the following in your mararc file:
>
> verbose_level = 3
>
> This will log all queries received. You'll have to do some parsing of
> the logfile yourself to extract meaningful information, but it should
> return lines like:
>
> May 12 02:48:23 sevensisters maradns.etc_maradns_mararc: Query from:
> 194.30.0.1 Aaurora.webconquest.com.
> May 12 02:48:23 sevensisters maradns.etc_maradns_mararc: Log: Message
> received, processing
> May 12 02:48:29 sevensisters maradns.etc_maradns_mararc: Query from:
> 194.30.0.1 Uaurora.webconquest.com.
> May 12 02:48:29 sevensisters maradns.etc_maradns_mararc: Log: Message
> received, processing
>
> I hope this helps.
>
> Kind regards,
>
> Remco
>
>
>
_________________________________________________________________
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4
More information about the list
mailing list