Reply

Reporting how to search for dns query and get orginal host of query

[ Edited ]
MJonkers
Techie
Posts: 3
5185     0

Hi,

 

I'm new to reporting, how do I find hosts who queried a specific domain name?

 

regards Marc

Re: Reporting how to search for dns query and get orginal host of query

[ Edited ]
Expert
Posts: 81
5186     0

Hi Marc,

 

If reporting feature was configured properly, you can check this information at the "DNS Domain Queried by Client" dashboard.

 

From the admin guide: The DNS Domain Queried by Client dashboard shows the DNS domains being queried by the client. This dashboard displays the DNS domains that are being queried from both the internal and external sources. 

 

Hope this helps!

 

Regards,

 

Re: Reporting how to search for dns query and get orginal host of query

MJonkers
Techie
Posts: 3
5186     0

Hi,

 

Where do I find DNS Domain Queried by Client dashboard? We have the integrated splunk reporting appliance.

Or can I build a query myself? Ifso, how?

 

Thx for the reply.

 

regards Marc

Re: Reporting how to search for dns query and get orginal host of query

Expert
Posts: 81
5186     0

Hi Marc,

 

If you're using NIOS 7.3+: Navigate to "Reporting" tab, then to 'Dashboards" and check the list for the item.

From what I've seen, this dashboard is only available to NIOS versions above 7.3.x

 

If you're using NIOS in different versions I think the "DNS Top Clients Per Domain" report  ("Reporting" tab, then "Reports") might be useful in this case.

 

If you are looking for real-time logging for this query, you can enable the query logging on the Infoblox member and look for the query inside the member's syslog. 

 

Hope it helps!

Paulo

Re: Reporting how to search for dns query and get orginal host of query

Adviser
Posts: 118
5186     0

The "DNS Domain Queried by Client" report requires the Data Collector VM. The Data Collector is a free VM (currently in beta) which is designed to offload the processing of DNS log data from the grid members. It is currently in beta, but fully functional. You should reach out to your Infoblox rep and request to participate in the beta program.

Re: Reporting how to search for dns query and get orginal host of query

MJonkers
Techie
Posts: 3
5186     0

Thx I will do that

Showing results for 
Search instead for 
Do you mean 

Recommended for You