Add timestamps to the logging

Completed

Follow

vigorousgraywolf

June 09, 2013 02:59

Add timestamps to the logging of domain requests.

 

515

• 

  herdad June 12, 2013 20:41

  I find a lot of domain requests in the middle of the night.  It is difficult to understand if this is resonable activity i.e. system updates, or malicious activity

  0

  Comment actions Permalink
• 

  brightonbulldogsfc June 15, 2013 08:21

  i agree, any more info would be most helpful, thank you

  0

  Comment actions Permalink
• 

  crc-datatech June 18, 2013 14:27

  Yes, we have different people in at different times of the day, need to know when sites are being accessed

  0

  Comment actions Permalink
• 

  gcantor June 28, 2013 06:31

  Much as I appreciate OpenDNS, (thank you very much), I am looking for a system that records timestamps on the logs (which presumably could be rendered rather easily?)

  1

  Comment actions Permalink
• 

  rotblitz June 28, 2013 09:48

  "I am looking for a system that records timestamps on the logs"

  http://www.nirsoft.net/utils/dns_query_sniffer.html (DNS traffic)

  http://www.pyrenean.com/Filtering (DNS traffic)

  http://fiddler2.com/ (web traffic)

  Enough now?

  0

  Comment actions Permalink
• 

  gcantor June 28, 2013 10:38

  Thanks, rotblitz, to your knowledge will any of those three capture all the traffic on my home router wireless network (rather than just a single machine?)

  Being a newbie I am just after something simple...

  0

  Comment actions Permalink
• 

  rotblitz June 28, 2013 12:45

  No, these are to install on a computer and capture traffic only from there. Only your router would be able to capture all traffic of your network.

  If your (unspecified) router can't do this, then

  • you may see if it can be flashed with an alternative firmware being able to do this traffic capturing, or
  • you may use another (or existing) computer, installing a proxy server (or the 1st or 3rd program from above) on it, and put it between the router and the rest of devices in the network.
  You enable logging on this server to capture what you want..

  There's nothing simple. because what you're requesting is not simple.

  You enable logging on this server to capture what you want..

  0

  Comment actions Permalink
• 

  dep123 July 17, 2013 15:17

  This feature is really needed!  Even if it just a CSV dump of the raw data that would be a huge step.

  0

  Comment actions Permalink
• 

  m_ahlenius July 21, 2013 13:26

  Agreed - I see some hits to inappropriate sites and it would be great to know what time of day they occurred so I can determine who is accessing them.

   

  thanks

   

  'm

  1

  Comment actions Permalink
• 

  netmapper July 30, 2013 03:20

  Knowing the time it day is critical to understand who generated the block.  Please add this feature!

  1

  Comment actions Permalink
• 

  pricec July 31, 2013 18:39

  I agree!

  0

  Comment actions Permalink
• 

  harryr2003 August 03, 2013 14:13

  I completely agree.. adding a time stamp will also make it easier to filter by time, not just by date

  0

  Comment actions Permalink
• 

  Permanently deleted user August 30, 2013 00:54

  this is neccessary!  please add this feature!

  1

  Comment actions Permalink
• 

  asad-salehi September 02, 2013 08:51

  I agree

  0

  Comment actions Permalink
• 

  skypeable September 03, 2013 22:29

  This needs to happen, it's not really reporting without timestamps.  As it stands now, this is just a net usage summary.

  0

  Comment actions Permalink
• 

  beyond-scarface September 09, 2013 12:25

  Yes, this is exactly why I've even attempted this software (because I thought that's what it was doing) But nope. Very frustrating. I keep hitting brick walls in this attempt to protect my family.  :(

  1

  Comment actions Permalink
• 

  rotblitz September 09, 2013 14:53

  "attempted this software"

  Software?  OpenDNS isn't software, but a configurable service.

  -1

  Comment actions Permalink
• 

  beyond-scarface September 09, 2013 16:35

  Actually, it IS software. It's just running on their server. A Service would imply someone is sitting there performing a task as needed or continually. But this is SOFTWARE as it is performing the needed task for a human... and we pay for it annually.

  1

  Comment actions Permalink
• 

  pojlaib84 September 10, 2013 11:46

  is it real

   

  0

  Comment actions Permalink
• 

  nikkib1205 September 13, 2013 19:33

  Agree 100%!

  0

  Comment actions Permalink
• 

  oynayun September 18, 2013 20:16

  bi baksana www.oynayun.com

  0

  Comment actions Permalink
• 

  detotoro September 22, 2013 03:01

  Please!!!!

  0

  Comment actions Permalink
• 

  marinky64 October 08, 2013 10:03

  Time of day would be most helpful! Please add it!

  0

  Comment actions Permalink
• 

  ritchie_cunningham October 17, 2013 01:43

  This would be a very useful feature! Any chance this will happen anytime soon?

  0

  Comment actions Permalink
• 

  scooter3 November 01, 2013 23:53

  AGREED!  Time of day and MAC address would be more specific. Worth more money too.

  0

  Comment actions Permalink
• 

  scooter3 November 02, 2013 00:01

  I have over 50 hits a day to porn sites. I cannot believe that is being generated by a person but I cannot tell without a time stamp at least. A MAC address attached to the hit would be conclusive.

  0

  Comment actions Permalink
• 

  rotblitz November 02, 2013 14:10

  "Time of day and MAC address would be more specific."

  MAC addresses are not visible to the internet and therefore not for OpenDNS.  How should they be able to log them?

  -1

  Comment actions Permalink
• 

  skypeable November 02, 2013 17:06

  MAC addresses could not be captured from the DNS query.  However, the name/IP of the server that processed the DNS query could be displayed along with the timestamps.  Point half your hosts at one of the OpenDNS servers, and point the other half at the "other" OpenDNS server.  Between the timestamps and the server, users would have a better chance of identifying the origin of interesting traffic.

  0

  Comment actions Permalink
• 

  rotblitz November 03, 2013 14:24

  "However, the name/IP of the server that processed the DNS query could be displayed along with the timestamps."

  Not possible either.  OpenDNS just sees your one public IP address from your DNS queries, no matter what LAN device is raising a DNS query. Internal names and IP addresses are and stay internal, fortunately.

  0

  Comment actions Permalink
• 

  skypeable November 04, 2013 12:01

  Robitz, read my post again.  I am not looking for the address of the requestor (your PC) but of the OpenDNS SERVER that handled the request.  There are 2.  Granted, it's not much but if a customer has to narrow down the source of interesting traffic, they can configure the suspect hosts to use one or the other of the 2 OpenDNS servers.  Paired with a timestamp it could help decide which device made the interesting request.

  0

  Comment actions Permalink

Post is closed for comments.