Windows File Locations

Default location Windows 2003:

C:\> %SystemRoot%\System32\dns 

Default location Windows 2008:

C:\> %SystemRoot%\System32\Winevt\Logs\DNS Servers.evtx 

Default location of enhanced DNS Windows 2012 R2:

c:\> %SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-DNSServer%4Analytical.etl

Ref. https://technet.microsoft.com/en-us/library/cc940779.aspx

Enable DNS Logging:

C:\> DNSCmd <DNS SERVER NAME> /config /logLevel Ox8100F331

Set log location:

C:\> DNSCmd <DNS SERVER NAME> /config /LogFilePath <PATH TO LOG FILE> 

Set size of log file:

C:\> DNSCmd <DNS SERVER NAME> /logfilemaxsize Oxffffffff

Linux

Start DNS Logging:

# rndc querylog

View DNS Logs:

# tail -f /var/log/messages | grep named