One of the first things you should do when troubleshooting a problem like this is to enable DNS debug logging. But when you’re forced to look at the log debug logging creates, you’re in for a rude awakening. Make it easier by creating a DNS debug log parser script with PowerShell!
Not a reader? Watch this related video tutorial!How to Build a DNS Debug Log Parser with PowerShell
You’ve got a ton of different options to debug but in my case, I need more information regarding dynamic updates. This is what my configuration looks like on one of my DNS servers.
When this is enabled, it will begin creating a log file at the file path you specify which looks like this:
The first row of marked out lines is the IP address and the last row is the DNS record it attempted to update. These were marked out for obvious reasons. Depending on the options you choose this log file can become enormous and isn’t in the easiest format to read.
What if I want to filter out just a single IP or narrow it down by a certain timeframe? You can’t do that with the default log file. This is why I created a DNS debug log parser script with PowerShell.
The script below takes this log file and parses it out into a nice CSV file that looks like this:
That looks a whole lot better, right? The script looks through the log file for any errors and parses out the date, IP, and the error, and places it into a nicely formatted CSV. It also excludes all of the DNS server IPs.
For some reason, no matter which option you pick I found that the DNS server IPs themselves kept showing up. I just need to know the client IP address that’s having a problem updating its DNS record.
