Procedure: Enable DNS Diagnostic Events

 

Applies To: Windows Server 2012 R2, Windows Server 2012

DNS server debug logging is enabled by default with individual diagnostic events disabled. You can use the procedures in this topic to enable diagnostic event logging and change other event log parameters.

Tip

By default, the DNS debug log is located in the %windir%\system32\dns directory.

In this section

View and modify the event logging status

Membership in the Administrators group, or equivalent, is the minimum required to complete these procedures. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To view event logging status

  1. Open an elevated Windows PowerShell prompt on a DNS server.

  2. Use the Get-DnsServerDiagnostics cmdlet to view the status of individual diagnostic events. See the following example.

    PS C:\> Get-DnsServerDiagnostics
    
    SaveLogsToPersistentStorage          : False
    Queries                              : False
    Answers                              : False
    Notifications                        : False
    Update                               : False
    QuestionTransactions                 : False
    UnmatchedResponse                    : False
    SendPackets                          : False
    ReceivePackets                       : False
    TcpPackets                           : False
    UdpPackets                           : False
    FullPackets                          : False
    FilterIPAddressList                  :
    EventLogLevel                        : 4
    UseSystemEventLog                    : False
    EnableLoggingToFile                  : True
    EnableLogFileRollover                : False
    LogFilePath                          :
    MaxMBFileSize                        : 500000000
    WriteThrough                         : False
    EnableLoggingForLocalLookupEvent     : False
    EnableLoggingForPluginDllEvent       : False
    EnableLoggingForRecursiveLookupEvent : False
    EnableLoggingForRemoteServerEvent    : False
    EnableLoggingForServerStartStopEvent : False
    EnableLoggingForTombstoneEvent       : False
    EnableLoggingForZoneDataWriteEvent   : False
    EnableLoggingForZoneLoadingEvent     : False
    

To enable diagnostic events in the event log

  1. Open an elevated Windows PowerShell prompt on the DNS server where you wish to enable event logging.

  2. Use the Set-DnsServerDiagnostics cmdlet to enable individual diagnostic events, or you can enable all diagnostic events at once. See the following example.

    PS C:\> Set-DnsServerDiagnostics -All $true
    

    The previous command will set the status of all diagnostic events to True.

    Important

    The Set-DnsServerDiagnostics -All $true command implicitly sets the -EnableLogFileRollover option to $true. This setting means that when the log file reaches its maximum size, Windows starts a new log file instead of overwriting the existing log file. The computer can accumulate enough log files to affect its performance and fill its hard drive. To avoid these issues, consider enabling individual diagnostic events. Alternatively, if you can capture the information that you want in the log file before the file grows to 500 MB, run Set-DnsServerDiagnostics -EnableLogFileRollover $false after Set-DnsServerDiagnostics -All $true.

    You can verify this status with the Get-DnsServerDiagnostics cmdlet. See the following example.

    PS C:\> Get-DnsServerDiagnostics
    
    SaveLogsToPersistentStorage          : True
    Queries                              : True
    Answers                              : True
    Notifications                        : True
    Update                               : True
    QuestionTransactions                 : True
    UnmatchedResponse                    : True
    SendPackets                          : True
    ReceivePackets                       : True
    TcpPackets                           : True
    UdpPackets                           : True
    FullPackets                          : True
    FilterIPAddressList                  :
    EventLogLevel                        : 7
    UseSystemEventLog                    : False
    EnableLoggingToFile                  : True
    EnableLogFileRollover                : True
    LogFilePath                          :
    MaxMBFileSize                        : 500000000
    WriteThrough                         : True
    EnableLoggingForLocalLookupEvent     : True
    EnableLoggingForPluginDllEvent       : True
    EnableLoggingForRecursiveLookupEvent : True
    EnableLoggingForRemoteServerEvent    : True
    EnableLoggingForServerStartStopEvent : True
    EnableLoggingForTombstoneEvent       : True
    EnableLoggingForZoneDataWriteEvent   : True
    EnableLoggingForZoneLoadingEvent     : True
    
  3. You can also enable only selected diagnostic events. See the following example.

    PS C:\> Set-DnsServerDiagnostics -Queries $true -Answers $true -Notifications $true -SendPackets $true -ReceivePackets $true -TcpPackets $true -UdpPackets $true
    PS C:\> Get-DnsServerDiagnostics
    
    SaveLogsToPersistentStorage          : False
    Queries                              : True
    Answers                              : True
    Notifications                        : True
    Update                               : False
    QuestionTransactions                 : False
    UnmatchedResponse                    : False
    SendPackets                          : True
    ReceivePackets                       : True
    TcpPackets                           : True
    UdpPackets                           : True
    FullPackets                          : False
    FilterIPAddressList                  :
    EventLogLevel                        : 0
    UseSystemEventLog                    : False
    EnableLoggingToFile                  : False
    EnableLogFileRollover                : False
    LogFilePath                          :
    MaxMBFileSize                        : 500000000
    WriteThrough                         : False
    EnableLoggingForLocalLookupEvent     : False
    EnableLoggingForPluginDllEvent       : False
    EnableLoggingForRecursiveLookupEvent : False
    EnableLoggingForRemoteServerEvent    : False
    EnableLoggingForServerStartStopEvent : False
    EnableLoggingForTombstoneEvent       : False
    EnableLoggingForZoneDataWriteEvent   : False
    EnableLoggingForZoneLoadingEvent     : False
    

To enable debug log rollover

  1. Open an elevated Windows PowerShell prompt on the DNS server where you wish to enable event logging.

  2. Use the Set-DnsServerDiagnostics cmdlet to enable debug log rollover. See the following example.

    PS C:\> Set-DnsServerDiagnostics -EnableLogFileRollover $true
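
The following script is an added example, not part of the original topic. It applies the selective set of events from the procedure above, confirms that the server reports them as enabled, and warns when rollover is on and the log directory has grown large. The 1024 MB threshold and the `*.log` file filter are assumptions made for this example.

```powershell
# Added example, not from the original topic. Run elevated on the DNS server.
# Assumed baseline: the selective set of events enabled in step 3 above.
$baseline = @{
    Queries = $true; Answers = $true; Notifications = $true
    SendPackets = $true; ReceivePackets = $true
    TcpPackets = $true; UdpPackets = $true
}
$maxTotalMB = 1024   # assumed alert threshold for the whole log directory

# Splat the baseline onto the cmdlet, then read the resulting state back.
Set-DnsServerDiagnostics @baseline
$current = Get-DnsServerDiagnostics

# Report any baseline setting whose reported value differs from what was requested.
$drift = foreach ($name in $baseline.Keys) {
    if ($current.$name -ne $baseline[$name]) {
        [pscustomobject]@{
            Setting  = $name
            Expected = $baseline[$name]
            Actual   = $current.$name
        }
    }
}
if ($drift) { $drift | Format-Table -AutoSize } else { 'Baseline applied.' }

# Show the settings that decide whether and how log files accumulate.
$current | Select-Object EnableLoggingToFile, EnableLogFileRollover, LogFilePath, MaxMBFileSize

# Measure the debug log footprint. The default directory is used when
# LogFilePath is empty, as it is in the sample output on this page.
$logDir = Join-Path $env:windir 'System32\dns'
if ($current.LogFilePath) { $logDir = Split-Path -Parent $current.LogFilePath }

# Assumption: debug log files in this directory end in .log.
$logs = Get-ChildItem -Path $logDir -Filter '*.log' -File -ErrorAction SilentlyContinue
$totalMB = [math]::Round((($logs | Measure-Object -Property Length -Sum).Sum / 1MB), 1)

if ($current.EnableLogFileRollover -and $totalMB -gt $maxTotalMB) {
    Write-Warning "Rollover is on and $logDir holds $totalMB MB in $($logs.Count) log files."
} else {
    "Log directory $logDir holds $totalMB MB in $($logs.Count) log files."
}
```

Running the size check on a schedule gives early notice of the disk-fill condition described in the Important note before it affects the server.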
    

See also

DNSSEC in Windows

DNSSEC Deployment Planning