3629 
4
This dashboard emulates the NIOS "Last Queried" feature using the Data Connector based query logging capability. The advantage to this approach is you can get last queried information for both authoritative and recursive queries.
Note that this method will not show records that exist, but have never been queried. This is because it relies on the DNS log. So if the record is never queried, it never gets into the log. Also, this method will not reflect querys handled by our DNS Caching Acceleration solution.
<form>
<label>Last Queried - Query Logging</label>
<fieldset submitButton="true">
<input type="time" token="field1" searchWhenChanged="true">
<label></label>
<default>
<earliest>-7d@h</earliest>
<latest>now</latest>
</default>
</input>
<input type="text" token="domain_filter" searchWhenChanged="true">
<label>Domain/Host Filter</label>
<default>*</default>
<initialValue>*</initialValue>
</input>
</fieldset>
<row>
<panel>
<table>
<title>Queries</title>
<search>
<query>index="ib_dns_capture" $domain_filter$ | stats first(_time) AS latest_time by query | convert ctime(latest_time) |rename latest_time as "Last Queried" query as Domain |sort -"Last Queried"</query>
<earliest>$field1.earliest$</earliest>
<latest>$field1.latest$</latest>
</search>
<option name="wrap">true</option>
<option name="rowNumbers">false</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">cell</option>
<option name="count">50</option>
</table>
</panel>
</row>
</form>
