Common Event Log Messages

The Microsoft DNS Server logs events to the System Log. To view the events, you can either use the Event Viewer (which you start with Start → Administrative Tools → Event Viewer) or click on the Event Viewer folder for a given server in the DNS console’s left pane. The DNS server logs to a special category called, appropriately enough, DNS Server. If you use the Event Viewer, make sure you’re looking at the correct log messages by selecting DNS Server in the left pane. To save space, when we describe an event we won’t show a screenshot of the complete event. Instead, we’ll list just the description from the event detail. (Double-click an event to see its details.) We’ll also list the Event ID in parentheses after the text of the event.

When the server starts up (either at boot time or because you restarted it) and is ready to answer queries, you’ll see this event:

The DNS Server has started.  (ID 2)

For a healthy server, you should see this event after booting. If you stop the server manually, you’ll see this event:

The DNS Server has shutdown.  (ID 3)

If a server is a secondary for a zone, it will notify you every time it performs a zone transfer:

A more recent version, version 2000120500 of zone movie.edu was found at DNS server at 192.249.249.3. Zone transfer is in progress.  (ID 6522)

The DNS server wrote version 2000120500 of zone movie.edu to file movie.edu.dns.  (ID 3150)

You’ll also see that last message on the primary when you make a change to a zone ...
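
As an added example (not from the book), the following script reads DNS Server event descriptions exported as text in the "description (ID n)" form used above, and reports zone transfers that came from a master not on an allow list or that have no matching "wrote version" event. The function name summarize, the expected_masters map, and the last sample event are assumptions made for illustration.

```python
import re

# Patterns mirror the event descriptions quoted above; "(ID n)" is this page's notation.
XFER = re.compile(r"version (\d+) of zone (\S+) was found at DNS server at "
                  r"(\d+\.\d+\.\d+\.\d+)\. Zone transfer is in progress\. \(ID 6522\)")
WROTE = re.compile(r"The DNS server wrote version (\d+) of zone (\S+) to file (\S+)\. \(ID 3150\)")

def summarize(text, expected_masters):
    """Summarize DNS Server events; expected_masters maps zone -> set of allowed master IPs."""
    flat = " ".join(text.split())  # descriptions may wrap across lines
    transfers = [(zone, int(ver), ip) for ver, zone, ip in XFER.findall(flat)]
    written = {(zone, int(ver)) for ver, zone, _file in WROTE.findall(flat)}
    return {
        "starts": flat.count("The DNS Server has started. (ID 2)"),
        "shutdowns": flat.count("The DNS Server has shutdown. (ID 3)"),
        "transfers": transfers,
        # Transfer announced from an address that is not a known master for the zone.
        "unexpected_master": [t for t in transfers
                              if t[2] not in expected_masters.get(t[0], set())],
        # Transfer announced (ID 6522) but that version was never written (ID 3150).
        "not_written": [t for t in transfers if (t[0], t[1]) not in written],
    }

# Sample input: the first three events are the ones quoted on this page;
# the last event (192.0.2.77) is constructed for the example.
SAMPLE = """\
The DNS Server has started.  (ID 2)
A more recent version, version 2000120500 of zone movie.edu was found at DNS server
at 192.249.249.3. Zone transfer is in progress.  (ID 6522)
The DNS server wrote version 2000120500 of zone movie.edu to file movie.edu.dns.
(ID 3150)
A more recent version, version 2000120501 of zone movie.edu was found at DNS server
at 192.0.2.77. Zone transfer is in progress.  (ID 6522)
"""

if __name__ == "__main__":
    report = summarize(SAMPLE, {"movie.edu": {"192.249.249.3"}})
    for key, value in report.items():
        print(f"{key}: {value}")
```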
