Details for Private DNS Resolver Logs
Logging details for DNS Resolver logs.
Resources
- privateResolver
Log Categories
| API value (ID): | Console (Display Name) | Description |
|---|---|---|
dns.dnsresolver.private_resolver_query_response |
Query Response Logs | Log for Private DNS query responses. |
Availability
Private DNS logging is available in all regions of the commercial realms.
Contents of a Private DNS Log
Some fields depend on the DNS query response and contain query-specific information. The most common fields are defined in the following table. For more information on OCI supported DNS records see Supported Resource Records. For more information on RFC DNS definitions, see the DNS RFC specification.
| Property | Description |
|---|---|
|
|
Oracle Cloud Infrastructure Logging schema version. For example: |
|
|
OCI log type. Always set to |
|
|
Name of the DNS resolver OCID that sent a DNS query for resolution. |
|
|
Random UUID, unique to each log entry. For example,10936-1708978182-7f44ccc0848b5dff |
|
|
Time the function output was generated, in RFC 3339 timestamp format. |
|
|
Time the log line was ingested by Oracle Cloud Infrastructure logging, in RFC 3339 timestamp format. |
|
|
OCID of the Oracle Cloud Infrastructure Logging log object. |
|
|
OCID of the Oracle Cloud Infrastructure Logging log group. |
oracle.resourceType |
The resource type that returned the response. For example, dns.privateResolver. |
|
|
OCID of the tenancy the log object is in. |
|
|
OCID of the compartment the function/application is in. |
|
|
The number of resource records in the "additional information" section, defined in the DNS RFC specification. |
|
|
Answer record type and data. For example, [A 10.0.3.6] ("A" record is an address record followed by the address data.) See Supported Resource Records for more information. |
data.answercount |
The number of resource records (RRs) present in the answer section, defined in the DNS RFC specification. |
data.authoritycount |
The number of entries in the authority section of the DNS message, defined in the DNS RFC specification. |
data.forwardSourceAddress |
Reverse Connection Endpoint (RCE) IP address (if any). |
data.forwardDestinationPort |
IP address of the final forwarded query destination (if any). |
data.forwardDestinationAddress |
Port number for the final forwarded query destination (if any). |
data.latency |
Query latency expressed in milliseconds. |
data.messageId |
Message identifier with value in range of 0 to 65535. Used to link public log entries to internal log entries for troubleshooting. |
data.path |
Indicates how the query was answered. Possible values include: |
|
|
The protocol used by the response. For example |
data.qclass |
Query class code. For example, |
|
|
Query Name: Domain or subdomain requested. For example, |
|
|
Type of record requested. For example, A ("A" record is an address record). See Supported Resource Records for more information. |
|
|
DNS response code. For example, |
|
|
DNS response code data. For example, |
data.sourceAddress |
IP address that the request was received from. For example, 10.0.0.2. |
data.sourcePort |
The port that the request was received from. For example, 1234. |
data.schema |
Version of the data format in OCI Logging. |
data.ednsClientSubnet |
Extension mechanism for DNS (EDNS) subnet information. |
data.ttl |
The Time to Live of the response record. See Supported Resource Records for more information. |
destinationPort |
Initial query destination port. |
destinationAddress |
Initial query destination IP address. |
Examples of a Private DNS Resolver Log
The following are JSON format examples of a private DNS resolver log.
Log Example 1
{
"datetime": 1740776102358,
"logContent": {
"data": {
"additionalCount": 0,
"answer": "[A <ip_address>]",
"answerCount": 1,
"authorityCount": 0,
"dataschema": "1.1",
"destinationAddress": "<destination_ip_address>",
"destinationPort": "53",
"latency": 1,
"messageId": 56634,
"path": "internet",
"protocol": "udp",
"qclass": "IN",
"qname": "<example>",
"qtype": "A",
"rcode": "0",
"rcodeName": "NOERROR",
"sourceAddress": "<source_ip_address>",
"sourcePort": <port>,
"ttl": 1329
},
"id": "<unique_ID>",
"oracle": {
"compartmentid": "<ocid>",
"ingestedtime": "2025-02-28T20:55:32.679Z",
"loggroupid": "<ocid>",
"logid": "<ocid>",
"resourceType": "dns.privateResolver",
"tenantid": "<ocid>",
"vcnId": "<ocid>"
},
"source": "<ocid>",
"specversion": "1.0",
"time": "2025-02-28T20:55:02.358Z",
"type": "com.oraclecloud.dns.private.resolver"
},
"regionId": "<region>"
}Log Example 2
{
"datetime": 1740776102358,
"logContent": {
"data": {
"additionalCount": 0,
"answer": "[SRV 0 100 389 <fqdn>.]",
"answerCount": 1,
"authorityCount": 0,
"dataschema": "1.1",
"destinationAddress": "<destination_ip_address>",
"destinationPort": "<port>",
"forwardDestinationAddress": "<forward_destination_ip_address>",
"forwardDestinationPort": <port>,
"forwardSourceAddress": "<forward_source_ip_address>",
"latency": 84,
"messageId": 34283,
"path": "rule:forwarded",
"protocol": "udp",
"qclass": "IN",
"qname": "<fqdn>.",
"qtype": "SRV",
"rcode": "0",
"rcodeName": "NOERROR",
"sourceAddress": "<source_ip_address>",
"sourcePort": <port>,
"ttl": 600
},
"id": "<unique_ID>",
"oracle": {
"compartmentid": "<ocid>",
"ingestedtime": "2025-02-28T20:55:32.679Z",
"loggroupid": "<ocid>",
"logid": "<ocid>",
"resourceType": "dns.privateResolver",
"tenantid": "<ocid>",
"vcnId": "<ocid>"
},
"source": "<ocid>",
"specversion": "1.0",
"time": "2025-02-28T20:55:02.358Z",
"type": "com.oraclecloud.dns.private.resolver"
},
"regionId": "<region>"
}