• State Suggested Answer
  • Locked Locked
  • Replies 18 replies
  • Answers 2 answers
  • Subscribers 15 subscribers
  • Views 13749 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intrust Add-in for DNS debug logs

nicole.h.dodd.ctr
over 6 years ago

Is there still a way to capture DNS debug logs with Intrust? If so, can you tell me where to find the add-in?

 

Thanks,

Nicole

Parents
  • 0 over 6 years ago

    Hi Nicole,

    There are two parts here

    1. You have a lot of old files with date-time suffix and want to have them in the Repository. I cannot recommend here anything but specifying them one by one in the data source and collect one by one, unfortunately this data source does not support file masks like dns*.log.
    2. How to collect the current file. This is more interesting question. As far as I know the default retention of this log implies only one file. In the DNS server properties you specify the file name and maximum size. When the size is reached, the log is backed-up and cleared. Collecting the current file is not a good idea because it is changing constantly and we cannot foresee a moment when it is cleaned, and we may loose some records between our last gathering and file clean-up. The backup file does not change and my proposal is to collect this file.
      • Specify %WinDir%\\Sysnative\\dns\\backup\\dns.log in the data source.
      • Schedule the task with the period significantly less than the average dns log retention period. I mean that if dns log is overwritten for example once a day, schedule the task to collect twice a day.
    3. A side question is how your retention organized.

    If your issue is resolved, please click "This helped me" under the most valuable answer. If you have other questions please feel free to ask.

Reply
  • 0 over 6 years ago

    Hi Nicole,

    There are two parts here

    1. You have a lot of old files with date-time suffix and want to have them in the Repository. I cannot recommend here anything but specifying them one by one in the data source and collect one by one, unfortunately this data source does not support file masks like dns*.log.
    2. How to collect the current file. This is more interesting question. As far as I know the default retention of this log implies only one file. In the DNS server properties you specify the file name and maximum size. When the size is reached, the log is backed-up and cleared. Collecting the current file is not a good idea because it is changing constantly and we cannot foresee a moment when it is cleaned, and we may loose some records between our last gathering and file clean-up. The backup file does not change and my proposal is to collect this file.
      • Specify %WinDir%\\Sysnative\\dns\\backup\\dns.log in the data source.
      • Schedule the task with the period significantly less than the average dns log retention period. I mean that if dns log is overwritten for example once a day, schedule the task to collect twice a day.
    3. A side question is how your retention organized.

    If your issue is resolved, please click "This helped me" under the most valuable answer. If you have other questions please feel free to ask.

Children
No Data