DNS Logging

Overview

Insights Plus includes DNS query parsing for capturing and analyzing DNS traffic from your network. However, some UniFi gateways do not send DNS logs by default.

Gateway Compatibility

The built-in DNS resolver on UniFi gateways uses dnsmasq, which lacks the log-queries directive by default. The dnsmasq configuration is auto-generated by ubios-udapi-server and cannot be permanently modified - changes are overwritten on reboot or provisioning.

Workarounds

If your gateway does not forward DNS logs, you have the following options:

• Use the built-in Pi-hole v6 integration (recommended) - Insights Plus can poll a Pi-hole v6 instance directly over its REST API and import every query into the same log stream, with full block/allow status, GeoIP, and threat enrichment. See the Pi-hole Integration page for setup.
• AdGuard Home (API integration planned) - AdGuard Home does not use dnsmasq and does not support syslog forwarding for DNS queries. A dedicated API-based integration is on the roadmap that will poll AdGuard Home's query log API for consolidated DNS records with full metadata (block status, filter rules, response time, client identification). This is not yet available.
• Wait for a Ubiquiti firmware update - future firmware may add native DNS query logging support

Dashboard Features

When DNS logs are available, the dashboard includes:

• Top DNS Queries panel - shows the most frequently queried domains across your network
• DNS type filter toggle - filter the log view to show only DNS events