none
DNS queries history. RRS feed

  • Question

  • Hi everyone!

      Is there a query history on DNS Server that shows me what records are queried? In other words, I have several records created in a domain for application purpose that we do not know if it are in use or not. I would like to clean those old DNS records not used anymore, but I have difficult to identify it.

    Hope I was clear enough.


    Doria

    Wednesday, June 26, 2019 11:44 AM

Answers

  • Hello Doria,

    There are logs in the DNS server that log which records are queried. Maybe you can find out which records are not queried by comparing these logs with the records in DNS.

    Right click your DNS server->Properties->Debug Logging, then check the data to be recorded.

    Then you can see which records are queried in the dns.log file. Below is an example:

    The record being queried is hak.xxx.com.

    Best Regards,

    HK.Leon


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by dydoria Thursday, June 27, 2019 1:14 PM
    Thursday, June 27, 2019 1:47 AM

All replies

  • Hello Doria,

    You could refer to the following link:
    Querying and Identifying static DNS records with PowerShell

    There are also various of already made scripts for this, you can find some on the TechNet Gallery or by using your favorite search engine.

    Here's one from the TechNet Gallery:
    Report on Stale DNS Records with Powershell


    If you want to clean up old records, you might want to consider using DNS Scavenging:
    Understanding Aging and Scavenging

    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    Wednesday, June 26, 2019 11:55 AM
  • Hi Leon,

      Thanks for your answer.

      Perhaps, I am not looking for a list of DNS and CNAME records or finding out what dynamic DNS stale records will be removed from DNS Server. It´s quite a bit different; I need to discover what static records are not queried by clients anymore... are not in use.

      Does DNS Server records it?


    Doria


    • Edited by dydoria Wednesday, June 26, 2019 12:48 PM grammar
    Wednesday, June 26, 2019 12:47 PM
  • Hello Doria,

    There are logs in the DNS server that log which records are queried. Maybe you can find out which records are not queried by comparing these logs with the records in DNS.

    Right click your DNS server->Properties->Debug Logging, then check the data to be recorded.

    Then you can see which records are queried in the dns.log file. Below is an example:

    The record being queried is hak.xxx.com.

    Best Regards,

    HK.Leon


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by dydoria Thursday, June 27, 2019 1:14 PM
    Thursday, June 27, 2019 1:47 AM
  • That´s it!

      Thanks Leon.


    Doria

    Thursday, June 27, 2019 1:14 PM
  • You are welcome, Doria.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, June 28, 2019 1:07 AM