How can I monitor requested IPs to a specific domain?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.
Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com
How can I figure it out?
linux centos dns ip
add a comment |Â
up vote
1
down vote
favorite
I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.
Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com
How can I figure it out?
linux centos dns ip
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.
Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com
How can I figure it out?
linux centos dns ip
I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.
Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com
How can I figure it out?
linux centos dns ip
asked Jan 14 at 9:46
stack
1082
1082
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50
add a comment |Â
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
You can monitor the requests at several points of your infra-structure.
If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap
or tcpdump
If you want to know who accessed the site, you can see the web server request logs, or use tcpdump
at the web server side.
In BIND to activate query logs, the syntax is:
logging
channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command:-)
.. So how can I execute it? what language is it? What does it do?
â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside theoptions
section for it to log all the queries done in a file, and then yougrep
it for your queries. Otherwise, ignore it.
â Rui F Ribeiro
Jan 14 at 13:12
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
You can monitor the requests at several points of your infra-structure.
If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap
or tcpdump
If you want to know who accessed the site, you can see the web server request logs, or use tcpdump
at the web server side.
In BIND to activate query logs, the syntax is:
logging
channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command:-)
.. So how can I execute it? what language is it? What does it do?
â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside theoptions
section for it to log all the queries done in a file, and then yougrep
it for your queries. Otherwise, ignore it.
â Rui F Ribeiro
Jan 14 at 13:12
add a comment |Â
up vote
1
down vote
accepted
You can monitor the requests at several points of your infra-structure.
If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap
or tcpdump
If you want to know who accessed the site, you can see the web server request logs, or use tcpdump
at the web server side.
In BIND to activate query logs, the syntax is:
logging
channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command:-)
.. So how can I execute it? what language is it? What does it do?
â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside theoptions
section for it to log all the queries done in a file, and then yougrep
it for your queries. Otherwise, ignore it.
â Rui F Ribeiro
Jan 14 at 13:12
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
You can monitor the requests at several points of your infra-structure.
If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap
or tcpdump
If you want to know who accessed the site, you can see the web server request logs, or use tcpdump
at the web server side.
In BIND to activate query logs, the syntax is:
logging
channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};
You can monitor the requests at several points of your infra-structure.
If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap
or tcpdump
If you want to know who accessed the site, you can see the web server request logs, or use tcpdump
at the web server side.
In BIND to activate query logs, the syntax is:
logging
channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};
edited Jan 14 at 11:31
answered Jan 14 at 11:11
Rui F Ribeiro
35.3k1270113
35.3k1270113
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command:-)
.. So how can I execute it? what language is it? What does it do?
â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside theoptions
section for it to log all the queries done in a file, and then yougrep
it for your queries. Otherwise, ignore it.
â Rui F Ribeiro
Jan 14 at 13:12
add a comment |Â
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command:-)
.. So how can I execute it? what language is it? What does it do?
â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside theoptions
section for it to log all the queries done in a file, and then yougrep
it for your queries. Otherwise, ignore it.
â Rui F Ribeiro
Jan 14 at 13:12
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command
:-)
.. So how can I execute it? what language is it? What does it do?â stack
Jan 14 at 12:36
I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command
:-)
.. So how can I execute it? what language is it? What does it do?â stack
Jan 14 at 12:36
If you run your own DNS/BIND server for that domain, you include it inside the
options
section for it to log all the queries done in a file, and then you grep
it for your queries. Otherwise, ignore it.â Rui F Ribeiro
Jan 14 at 13:12
If you run your own DNS/BIND server for that domain, you include it inside the
options
section for it to log all the queries done in a file, and then you grep
it for your queries. Otherwise, ignore it.â Rui F Ribeiro
Jan 14 at 13:12
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f416990%2fhow-can-i-monitor-requested-ips-to-a-specific-domain%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
can you explain the context to which this applies (web service, ssh, ... ?)
â tonioc
Jan 14 at 9:56
@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
â stack
Jan 14 at 10:50