export dns logs in a sidecar

Question

export dns logs in a sidecar

Closed this issue 10 months ago · 3 comments

At the moment, the http-logs-viewer reads the blocked dns requests directly from the logs files.

This creates a tight coupling between these 2 services. In addition, if the dns server restarts, logs are lost completely. Also, it's difficult to display logs to user if we have 2 dns servers in a region.

This is also a blocker for moving into microservice based solutions such as kubernetes.

These 2 operations should be decoupled.

We need a way to export the logs into a temp storage service like mysql or redis, during runtime of the dns server. Additionally, we can build the http logs viewer to read from the storage, instead of the log files.

Answer 1 · 2022-08-21T21:21:17.000Z

Do logs work when DoH is activated for you @ragibkl ? It doesnt seem to work for me

Answer 2 · 2022-08-21T23:48:20.000Z

Hi @Tomatoide ,

I tested this just now, and it works fine for me. Usually, it might not work if the dns query and the logs are viewed by different ipv4 vs ipv6. So I usually just disable ipv6 on my laptop to view this consistently.

Answer 3 · 2024-02-11T05:30:07.000Z

I'm closing this issue for now, for the following reasons.

Initially I thought that we needed this so that we can make it easier to debug dns queries on just a single location.

Looks like most people are just happy debugging their dns logs on each server directly.
Logs never leave the server, deleted each 10 mins.
Maybe this is best for user's privacy.

Current focus is to fix the logs endpoint, and maybe integrate front-end logs viewing directly on web-bancuh.
In any case, this is not needed.