Sharing a little program we used to analyze DNS log files of Microsoft Windows Server (DNS debug logging turned on with default settings).
It takes one parameter – path to the log file, reads and proceses the file and then displays stats about recieved DNS requests.
The result is two tables:
– Distinct list of DNS clients IPs
– List of FQDNs resolved by each DNS client
script can be downloaded here
As always – use it on your own risk.
WARNING! don’t run it on production systems. It read all log file to memory (for performance reasons)
what can cause problems in certain situations.