dstreefkerk/dns_client_log.ps1

## dns_client_log.ps1
function Start-DNSClientLog {
    $DnsOpLog = Get-WinEvent -ListLog Microsoft-Windows-DNS-Client/Operational
    $DnsOpLog.IsEnabled = $true
    $DnsOpLog.SaveChanges()
}


function Get-DNSClientQueries {
    foreach($event in (get-winevent Microsoft-Windows-DNS-Client/Operational | % { [xml]$_.ToXml() })) {
        $Query = ($event.Event.EventData.Data | Where-Object { $_.Name -eq "QueryName" }).'#text'
        if($null -eq $Query) { return }
        New-Object PSObject -Property @{
            "Date" = [DateTime]$event.Event.System.TimeCreated.SystemTime;
            "Query" = $Query
        }
    }
}
	function Start-DNSClientLog {
	$DnsOpLog = Get-WinEvent -ListLog Microsoft-Windows-DNS-Client/Operational
	$DnsOpLog.IsEnabled = $true
	$DnsOpLog.SaveChanges()
	}


	function Get-DNSClientQueries {
	foreach($event in (get-winevent Microsoft-Windows-DNS-Client/Operational \| % { [xml]$_.ToXml() })) {
	$Query = ($event.Event.EventData.Data \| Where-Object { $_.Name -eq "QueryName" }).'#text'
	if($null -eq $Query) { return }
	New-Object PSObject -Property @{
	"Date" = [DateTime]$event.Event.System.TimeCreated.SystemTime;
	"Query" = $Query
	}
	}
	}