Easy handling before removing DNS

Prior to changing the IP or demoting a DNS server it is best to repoint all clients pointing to this DNS server to other DNS server. To assist in this I have written the following script. It requires the DNS service to have debug logging enabled. By running the script and pointing to the debug file, you will get an easy to handle array. Unless you specify a filename for the debuglog it will be in the file %SystemRoot%\system32\dns\dns.log

Download the script from the Microsoft social scripting archive.

Some examples:

Get all queries:

Get all except some queries:

Well that is too much information:

Comments

  1. Vijay Sharma says

    Hello,

    Can you please share the Correct DNS pattern that will work will most of the dates pattern.
    I am getting the errors like” Rows does not match the DNS pattern”

    Thanks
    Vijay

    • virot says

      If you are having issues can you please send me a few lines of your logs and Ill try to figure it out. There are lots of different versions.

  2. Can you make the Script work for this lines ?

    06.03.2020 17:15:40 0BD4 PACKET 0000008F15AD2190 UDP Rcv 10.200.1.222 9e90 Q [0001 D NOERROR] A (11)vdehagvir02(15)test-abc(2)de(0)

    06.03.2020 17:15:40 0BD4 PACKET 0000008F15AD2190 UDP Snd 10.200.1.222 9e90 R Q [8085 A DR NOERROR] A (11)vdehagvir02(15)test-abc(2)de(0)

    06.03.2020 17:15:40 0BDC PACKET 0000008F160FA150 UDP Rcv 10.200.1.222 14db Q [0001 D NOERROR] AAAA (11)vdehagvir02(15)test-abc(2)de(0)

    06.03.2020 17:15:40 0BDC PACKET 0000008F160FA150 UDP Snd 10.200.1.222 14db R Q [8085 A DR NOERROR] AAAA (11)vdehagvir02(15)test-abc(2)de(0)

    06.03.2020 17:15:41 0BDC PACKET 0000008F142B61F0 UDP Rcv 10.200.1.221 e499 Q [0001 D NOERROR] A (10)vdehagdc04(15)test-abc(2)de(0)

    06.03.2020 17:15:41 0BD4 PACKET 0000008F13B2C160 UDP Rcv 10.200.1.221 721b Q [0001 D NOERROR] AAAA (10)vdehagdc04(15)test-abc(2)de(0)

    06.03.2020 17:15:41 0BDC PACKET 0000008F142B61F0 UDP Snd 10.200.1.221 e499 R Q [8085 A DR NOERROR] A (10)vdehagdc04(15)test-abc(2)de(0)

    • virot says

      Hi.
      It’s been a special time. Anyway do you have the culture used by this server? Can you send me the output from Get-Culture?

Leave a Reply to virot Cancel reply