All DNS hosting providers have access to the query logs for their clients’ domains. However, only recently has the technology become available to leverage this data to provide valuable insight into domain activity.
DNS Analytics allow you to view your domain(s) query logs in visual forms like line and bar charts, interactive maps, and filterable tables. This information is used to:
- Troubleshoot influxes in query traffic
- Detect DDoS attacks early
- Gather insight into your DNS infrastructure
- Examine request loads on DNS servers and zones
- Compare capacity trends over time
- Identify stale or unused records
- Evaluate affects of service or configuration changes
You can watch a live demo of all of these use cases in the recording below taken from last week’s webinar where we introduced our analytics platform.
You can use DNS Analytics to pinpoint a CDN (Content Delivery Network) that is making too many requests. You can filter query logs by Source IP and contact the CDN provider that is making excess requests. This is typically the result of a misconfiguration during setup.
Troubleshoot overages and excess queries by filtering your query logs by Source IP and Record Type.
Usually happens when you turn up a new system and a configuration error will cause the system to make too many requests.
DDoS or DNS-level Attack
Filter results by Location, Record Type, and Source IP to pinpoint the source of a DNS-level attack. You can also compare your results over different time periods by downloading query logs and comparing them in two separate browser windows. Historical data can be reuploaded to DNS Analytics (learn how) so you can detect traffic abnormalities.
How to Use DNS Analytics
Log into DNS Analytics by using your DNS Made Easy login credentials.
Dashboard (Account Analytics)
The dashboard gives you a high-level overview of your account’s query activity for the past billing cycle (usually a month).
In the first section, you can v
Daily Queries Bar Chart
Query counts by day for all domains in the account.
All charts/tables default to a two-week time range from the current day. Available actions for all charts:
- Scroll to zoom
- Click and drag to move the map
- Hover to show additional data
Queries by Domain Table and Chart
Use the table to quickly spot deviations in traffic. This is also where you can click on a domain name to access more in-depth analytics for that domain.
You can select domains by clicking the checkbox next to them for comparison in a stacked bar chart below the table.
Query Logging Events Table
The table displays any query logs that were requested recently.
Time series displays the number of queries over the selected date range. Hover over the graph to see total queries at each 30-minute interval and min/max by location.
Queries by Location Map
Queries are shown as circles that have been sized relative to the query counts at each location. Hover to see min/max/mean which is calculated based on the total query counts taken every thirty minutes.
Queries by Location Table
View query logs for your domain from one of the sixteen points of presence in our network by clicking the play icon in the “Logging” column.
Select which locations you want to view in the time series below.
Query Time Series by Location
Compare selected locations in a line graph. Click the name of a location in the legend to remove it from the time series. Hover to see total queries for all locations at each 30-minute interval.
Learn how to use our Query Logging service here.