Content

This feature allows you to see your domain’s live query traffic through one of our points of presence for a minute long period. Watch queries in real time on an interactive map or in raw tabular form. Raw query data can be filtered by:

  • Record name
  • Source address
  • EDNS client
  • IP version
  • Record type
  • ISO country
  • City

Query logs can be saved and re-uploaded later for historical comparison.

Use Cases:

  • Identify system misconfigurations
  • Compare capacity trends over time to detect attacks
  • Identify stale or unused records
  • Pinpoint a CDN (or other cloud service) that is making excess requests

How to Use Query Logging

You will first need to log into the Analytics platform. All DNS Made Easy members can access DNS Analytics for free. All memberships include a minimum of one query log per month.

In the Queries by Domain table, select the domain you want to view.

Scroll down below the interactive map and pick a location from the Queries by Location table by clicking the play button in the logging column to the left of the location’s name. Each location is a point of presence in our network. By default, the table will list locations in order of query volume.

Initiate the query log by clicking the play button. This will start a minute long query log and you will be able to see incoming queries for your domain as the queries hit the nameservers at your chosen point of presence.

You can change your view by clicking the Raw, Top, or Map buttons.

Current query log can be downloaded as a CSV file by clicking the 

 button. Downloaded query logs can later be reuploaded and viewed by clicking the 

 button.

Raw View

View a text file that logs each query, timestamp and associated information in real time.

Top View

Filter query data by:

  • Record name
  • Source address
  • EDNS client
  • IP version
  • Record type
  • ISO country
  • City
dns analytics

See query counts for each item (eg: for City, each row is a city name) and displays the fraction of the total query count.

Map View

Queries are displayed as yellow circles that are sized relative to query counts at each location. 

The purple dots (by default) show the source address of incoming queries. You can change this setting by choosing “ISO Country” or “City” in the dropdown menu to the left of the map.

Was this article helpful to you?

Comments are closed.