How can I monitor requested IPs to a specific domain?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.



Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com



How can I figure it out?







share|improve this question




















  • can you explain the context to which this applies (web service, ssh, ... ?)
    – tonioc
    Jan 14 at 9:56










  • @tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
    – stack
    Jan 14 at 10:50














up vote
1
down vote

favorite












I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.



Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com



How can I figure it out?







share|improve this question




















  • can you explain the context to which this applies (web service, ssh, ... ?)
    – tonioc
    Jan 14 at 9:56










  • @tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
    – stack
    Jan 14 at 10:50












up vote
1
down vote

favorite









up vote
1
down vote

favorite











I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.



Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com



How can I figure it out?







share|improve this question












I have an A record in the DNS server which points to my server IP. Noted that I have multiple domain names which points to the same server too.



Now I need to know, which IPs send a request to this specific domain name? pbx.mywebsite.com



How can I figure it out?









share|improve this question











share|improve this question




share|improve this question










asked Jan 14 at 9:46









stack

1082




1082











  • can you explain the context to which this applies (web service, ssh, ... ?)
    – tonioc
    Jan 14 at 9:56










  • @tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
    – stack
    Jan 14 at 10:50
















  • can you explain the context to which this applies (web service, ssh, ... ?)
    – tonioc
    Jan 14 at 9:56










  • @tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
    – stack
    Jan 14 at 10:50















can you explain the context to which this applies (web service, ssh, ... ?)
– tonioc
Jan 14 at 9:56




can you explain the context to which this applies (web service, ssh, ... ?)
– tonioc
Jan 14 at 9:56












@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
– stack
Jan 14 at 10:50




@tonioc Not sure what you mean exactly, but it's all about a website, so I guess the answer is web service.
– stack
Jan 14 at 10:50










1 Answer
1






active

oldest

votes

















up vote
1
down vote



accepted










You can monitor the requests at several points of your infra-structure.



If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap or tcpdump



If you want to know who accessed the site, you can see the web server request logs, or use tcpdump at the web server side.



In BIND to activate query logs, the syntax is:



logging 

channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};





share|improve this answer






















  • I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
    – stack
    Jan 14 at 12:36










  • If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
    – Rui F Ribeiro
    Jan 14 at 13:12











Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f416990%2fhow-can-i-monitor-requested-ips-to-a-specific-domain%23new-answer', 'question_page');

);

Post as a guest






























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote



accepted










You can monitor the requests at several points of your infra-structure.



If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap or tcpdump



If you want to know who accessed the site, you can see the web server request logs, or use tcpdump at the web server side.



In BIND to activate query logs, the syntax is:



logging 

channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};





share|improve this answer






















  • I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
    – stack
    Jan 14 at 12:36










  • If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
    – Rui F Ribeiro
    Jan 14 at 13:12















up vote
1
down vote



accepted










You can monitor the requests at several points of your infra-structure.



If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap or tcpdump



If you want to know who accessed the site, you can see the web server request logs, or use tcpdump at the web server side.



In BIND to activate query logs, the syntax is:



logging 

channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};





share|improve this answer






















  • I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
    – stack
    Jan 14 at 12:36










  • If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
    – Rui F Ribeiro
    Jan 14 at 13:12













up vote
1
down vote



accepted







up vote
1
down vote



accepted






You can monitor the requests at several points of your infra-structure.



If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap or tcpdump



If you want to know who accessed the site, you can see the web server request logs, or use tcpdump at the web server side.



In BIND to activate query logs, the syntax is:



logging 

channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};





share|improve this answer














You can monitor the requests at several points of your infra-structure.



If your intentions are knowing who made the DNS requests, you can configure and activate BIND logs temporarily to log queries requests. At the BIND server, you can also run dnscap or tcpdump



If you want to know who accessed the site, you can see the web server request logs, or use tcpdump at the web server side.



In BIND to activate query logs, the syntax is:



logging 

channel querylog
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
;
category queries querylog;;
;
};






share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 14 at 11:31

























answered Jan 14 at 11:11









Rui F Ribeiro

35.3k1270113




35.3k1270113











  • I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
    – stack
    Jan 14 at 12:36










  • If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
    – Rui F Ribeiro
    Jan 14 at 13:12

















  • I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
    – stack
    Jan 14 at 12:36










  • If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
    – Rui F Ribeiro
    Jan 14 at 13:12
















I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
– stack
Jan 14 at 12:36




I got the whole of your answer except the last sentence. What's that code snippet? I hardly think it is a command :-) .. So how can I execute it? what language is it? What does it do?
– stack
Jan 14 at 12:36












If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
– Rui F Ribeiro
Jan 14 at 13:12





If you run your own DNS/BIND server for that domain, you include it inside the options section for it to log all the queries done in a file, and then you grep it for your queries. Otherwise, ignore it.
– Rui F Ribeiro
Jan 14 at 13:12













 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f416990%2fhow-can-i-monitor-requested-ips-to-a-specific-domain%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?