Logging DNS requests and responses to external SYSLOG servers

The DNS server in LANCOM devices resolves the DNS queries from clients. SYSLOG provides an overview of the clients, the names they requested, and the responses they received.

Important: It is not possible to use the router/access points own internal SYSLOG. For this reason it is necessary to employ an external SYSLOG server.

DNS logging is configured in LANconfig under DNS > General in the section SYSLOG.





Log the DNS resolutions on an external SYSLOG server
Select this option to enable the DNS logging.
Note: This option is independent of the setting in the SYSLOG module. Even if the SYSLOG module is disabled (setting under Logging/Monitoring > Protocols in the section SYSLOG), DNS logging is carried out nevertheless.
The corresponding SYSLOG message is structured as follows:
PACKET_INFO: DNS for <IP address>, TID {Hostname}: Resource record
Server address
Contains the IP address or the DNS name of the SYSLOG server.

The settings behind the button Advanced influence the content of SYSLOG messages.





Source
Contains the log source as displayed in the SYSLOG messages.
Priority
Contains the log level as displayed in the SYSLOG messages.
Source address (optional)
Contains the source address that is shown in the SYSLOG messages.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo