inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0
1.39k stars 292 forks source link

Cluster: DNS audit log does not work #5569

Closed lzammit closed 4 years ago

lzammit commented 4 years ago
[dns_configuration]
#
# dns_configuration.record_dns_in_sql
#
# Record dns requests and replies in SQL table
record_dns_in_sql=enabled
Jun 10 16:32:16 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:16 -0400] "A IN co1.qualtrics.com. udp 35 false 512" NOERROR qr,rd,ra 138 42.008795ms
Jun 10 16:32:43 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:43 -0400] "A IN gsp85-ssl.ls.apple.com. udp 40 false 512" NOERROR qr,rd,ra 120 19.791412ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN www.icloud.com. udp 32 false 512" NOERROR qr,rd,ra 161 29.76855ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN slug.onelink.me. udp 33 false 512" NOERROR qr,tc,rd,ra 221 32.933893ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN ses.videotron.com. udp 35 false 512" NOERROR qr,rd,ra 67 34.493643ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN slug.onelink.me. udp 33 false 512" NOERROR qr,tc,rd,ra 221 30.735872ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN www.apple.com. udp 31 false 512" NOERROR qr,rd,ra 182 49.349709ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN p57-keyvalueservice.icloud.com. udp 48 false 512" NOERROR qr,rd,ra 222 42.012399ms
Jun 10 16:32:44 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:44 -0400] "A IN slug.onelink.me. tcp 33 false 65535" NOERROR qr,rd,ra 221 46.14487ms
Jun 10 16:32:45 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:45 -0400] "A IN ssl.google-analytics.com. udp 42 false 512" NOERROR qr,rd,ra 102 31.004847ms
Jun 10 16:32:59 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:32:59 -0400] "A IN ssl.google-analytics.com. udp 42 false 512" NOERROR qr,rd,ra 102 20.095308ms
Jun 10 16:33:02 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:33:02 -0400] "A IN 27-courier.push.apple.com. udp 43 false 512" NOERROR qr,rd,ra 166 131.0465ms
Jun 10 16:33:03 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:33:03 -0400] "A IN e4478.a.akamaiedge.net. udp 40 false 512" NOERROR qr,rd,ra 56 32.156363ms
Jun 10 16:33:12 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:33:12 -0400] "A IN api-glb-bos.smoot.apple.com. udp 45 false 512" NOERROR qr,rd,ra 61 17.634447ms
Jun 10 16:33:14 cluster2 pfdns: 172.22.147.155 - [10/Jun/2020:16:33:14 -0400] "A IN ssl.google-analytics.com. udp 42 false 512" NOERROR qr,rd,ra 102 23.059037ms

image

lzammit commented 4 years ago

Starts to populated after a while.