DNS request logging? Identify NXDOMAIN requests

We have recently had to recreate our DNS entries in a new CF account from a lost DNS service. Most of these entries were obvious and easy to recreate, but we aren’t 100% sure if we’ve missed any (cannot do a zone transfer or get any kind of full list from the lost account). Is there any DNS logging in Cloudflare where we can see what DNS requests are failing to resolve? The Analytics page shows a number of NXDOMAIN entries - can we see what exactly those are?

You might need higher plan in order to do that.

Edit: just checked. You need Enterprise plan for that.

There is, but only on an Enterprise plan (I don’t see it on my Business plan).

You could sign up to a free account on www.securitytrails.com, and they will give you DNS history that might be enough. If the account was previously on Cloudflare, you will have to go to a point in time before Cloudflare was activated to have a hope of this actually working for you.

You could also set up a Wildcard DNS entry as a catchall, and point it to a server you control, and log the host header. The wildcard DNS entry will not be Proxied, unless you are on an Enterprise plan.

1 Like

This is an excellent suggestion - we’ll try the wildcard approach.

Just be aware that this will really only capture HTTP traffic. If you had TXT records, email server records etc. then this will not work very well. But something is better than nothing!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.