Steps to enable DNS Query Logging on Windows systems

How to
Milan Stanojevic
Milan Stanojevic Shield
Windows Toubleshooting Expert
How to
Reading time icon 2 min. read

Calendar icon Updated on

turn on DNS Query Logging
XINSTALL BY CLICKING THE DOWNLOAD FILE
A message from our partner

For fixing Windows errors, we recommend Fortect:

Fortect will identify and deploy the correct fix for your Windows errors. Follow the 3 easy steps to get rid of Windows errors:

  • Download Fortect and install it on your PC
  • Launch the tool and Start scanning your PC for Windows errors
  • Right-click on Start Repair to deploy the right fix for each error encountered during the scan
Download Now Fortect has been downloaded by 0 readers this month, rated 4.6 on TrustPilot

Microsoft released a new version of the Sysmon tool. The company confirmed that Windows system monitor now supports DNS query logging.

This tool is developed by the CTO of Microsoft Azure Mark Russinovich, who announced the new feature on his official Twitter account. Russinovich attached a screenshot showing how the tool logs DNS queries and information.

Let’s discuss how Sysmon works. It basically monitors specific events currently on the system and then maintains their record in the event log.

But from now onwards, the new Sysmon version brings DNS query logging support. Interestingly, you can also spot which query initiated the program by looking at the “Image” value.

How to enable DNS logging on Windows

  1. Open the run dialogue box by hitting Windows+R keys.

Open Run

  1. Now type eventvwr.msc in the dialogue box and hit Enter. It will open the Event Viewer Window.
  2. At this step, navigate to Applications and Service Logs >> Microsoft >> Windows >> DNS Client Events >> Operational.DNS Client Events
  3. You will see Operational option, right click on it and click Enable Log.

Finally, DNS logging is now enabled on your system. 

Users are excited about this feature

Windows users are really excited about this new feature. Many users started commenting on the post about how the feature would be beneficial.

It looks like you get more data in one event with this vs the dns client log. If you are already using sysmon this is a big win. Don’t have to ask the windows team to turn on DNS client logs.

Another Windows user stated:

Yep so many times I had to fire up message analyzer to grab the process making the DNS request. Really exciting!

What do you think about DNS query logging feature in Windows system monitor? Let us know in the comments section below.

RELATED ARTICLES YOU NEED TO CHECK OUT:

DNS server not authoritative for zone error on Command Prompt [FIX]

Fix This: Your DNS Server Might be Unavailable in Windows 8, 8.1, 10

More about the topics: windows 10

Milan Stanojevic

Milan Stanojevic Shield

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He's a PC enthusiast and he spends most of his time learning about computers and technology. Before joining WindowsReport, he worked as a front-end web developer. Now, he's one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

User forum

0 messages