https://forum.nxfilter.org/tips-tricks/57-how-to-monitor-dns-requests-in-real-time
Date: 2021-08-15 23:04:14
User: jahastech
You may want to monitor all the DNS activity on your network by using a command like 'tail -f' to view the NxFilter log file (/nxfilter/log/nxfilter.log). You also might have attempted to refresh the NxFilter GUI's log view. However, the NxFilter log file primarily records system events, not for DNS activity. And the GUI log view is not designed to auto-refresh. Monitoring its log data in environments with thousands of users can be impractical due to the sheer volume of log data generated. With such a large amount of data, frequently refreshing the log view could slow down NxFilter.
If your goal is to identify which users are blocked from accessing specific sites, the Alert Email feature of NxFilter is a more efficient solution. For real-time monitoring, consider exporting logs to Syslog. Free Windows Syslog servers, such as Visual Syslog Server, are available for monitoring Syslog data. You can also choose to export only the log data pertaining to blocked requests through Syslog. Another option is to create a separate logging/reporting server using software like Graylog. By exporting log data from NxFilter to Graylog, you can do comprehensive logging and reporting, leveraging Graylog's specialized capabilities.
About Syslog exportation, https://nxfilter.org/tutorial/h-syslog-exportation.php
For using Graylog with NxFilter, https://nxfilter.org/tutorial/h-gray...te-logging.php