Log Files
NextDNS Blocker maintains several log files for monitoring, debugging, and auditing.
Log Location
Section titled “Log Location”| Platform | Path |
|---|---|
| macOS/Linux | ~/.local/share/nextdns-blocker/logs/ |
| Windows | %LOCALAPPDATA%\nextdns-blocker\logs\ |
Log Files
Section titled “Log Files”app.log
Section titled “app.log”Purpose: General application events
Contents:
- Startup/shutdown
- Configuration loading
- Errors and warnings
- Debug information (when verbose)
Example:
2024-01-15 14:30:00 INFO Starting sync2024-01-15 14:30:01 INFO Loaded 5 domains from blocklist2024-01-15 14:30:02 INFO Blocked reddit.com (outside schedule)2024-01-15 14:30:02 INFO Sync complete: 1 blocked, 0 unblockedRotation: Daily, 7 days retention
audit.log
Section titled “audit.log”Purpose: Security-relevant actions
Contents:
- Domain blocks
- Domain unblocks
- Panic mode activation
- Pending action creation/cancellation
- Allowlist changes
Example:
2024-01-15 14:30:00 BLOCK reddit.com reason="outside schedule"2024-01-15 18:00:00 UNBLOCK reddit.com reason="within schedule"2024-01-15 20:00:00 PANIC_START duration=60 expires="2024-01-15 21:00:00"2024-01-15 21:00:00 PANIC_ENDRotation: Weekly, 12 weeks retention
cron.log
Section titled “cron.log”Purpose: Watchdog sync execution output
Contents:
- Output from scheduled sync runs
- Errors from cron/launchd/Task Scheduler
- Timestamps of each run
Example:
=== 2024-01-15 14:30:00 ===Syncing domains... reddit.com: BLOCKEDSync complete: 1 blocked, 0 unblocked
=== 2024-01-15 14:32:00 ===Syncing domains...Sync complete: 0 blocked, 0 unblockedRotation: Daily, 7 days retention
wd.log
Section titled “wd.log”Purpose: Watchdog self-check events
Contents:
- Watchdog status checks
- Job restoration events
- Self-healing activity
Example:
2024-01-15 14:35:00 CHECK Sync job exists: yes2024-01-15 14:40:00 CHECK Sync job exists: yes2024-01-15 14:45:00 RESTORE Sync job was missing, restoredRotation: Daily, 7 days retention
sync.log
Section titled “sync.log”Purpose: Detailed sync operation logs
Contents:
- API calls made
- Cache hits/misses
- Schedule evaluations
- Domain state changes
Rotation: Daily, 7 days retention
Viewing Logs
Section titled “Viewing Logs”Recent Entries
Section titled “Recent Entries”# macOS/Linuxtail -50 ~/.local/share/nextdns-blocker/logs/app.log
# Windows PowerShellGet-Content "$env:LOCALAPPDATA\nextdns-blocker\logs\app.log" -Tail 50Follow in Real-Time
Section titled “Follow in Real-Time”# macOS/Linuxtail -f ~/.local/share/nextdns-blocker/logs/app.log
# Windows PowerShellGet-Content "$env:LOCALAPPDATA\nextdns-blocker\logs\app.log" -WaitSearch Logs
Section titled “Search Logs”# Find all blocksgrep BLOCK ~/.local/share/nextdns-blocker/logs/audit.log
# Find errorsgrep ERROR ~/.local/share/nextdns-blocker/logs/app.log
# Find specific domaingrep reddit.com ~/.local/share/nextdns-blocker/logs/*.logLog Levels
Section titled “Log Levels”| Level | Description |
|---|---|
| DEBUG | Detailed debugging (verbose mode) |
| INFO | Normal operation |
| WARNING | Potential issues |
| ERROR | Errors that affect operation |
| CRITICAL | Severe errors |
Enable Debug Logging
Section titled “Enable Debug Logging”nextdns-blocker config push --verboseLog Rotation
Section titled “Log Rotation”Built-in Rotation
Section titled “Built-in Rotation”NextDNS Blocker uses Python’s RotatingFileHandler:
- Rotates when file exceeds size limit
- Keeps specified number of backups
Manual Rotation Setup
Section titled “Manual Rotation Setup”For system-level rotation, use logrotate (Linux):
/home/*/.local/share/nextdns-blocker/logs/*.log { daily rotate 7 compress delaycompress missingok notifempty create 0644}Run setup script:
chmod +x setup-logrotate.sh./setup-logrotate.shLog Analysis
Section titled “Log Analysis”Count Actions
Section titled “Count Actions”# Count blocks todaygrep "$(date +%Y-%m-%d)" ~/.local/share/nextdns-blocker/logs/audit.log | grep -c BLOCK
# Count unblocks this weekgrep UNBLOCK ~/.local/share/nextdns-blocker/logs/audit.log | wc -lFind Patterns
Section titled “Find Patterns”# Most blocked domainsgrep BLOCK ~/.local/share/nextdns-blocker/logs/audit.log | \ awk '{print $3}' | sort | uniq -c | sort -rn | head -10
# Panic mode usagegrep PANIC ~/.local/share/nextdns-blocker/logs/audit.logTime-Based Analysis
Section titled “Time-Based Analysis”# Actions in last hourgrep "$(date +%Y-%m-%d\ %H)" ~/.local/share/nextdns-blocker/logs/audit.log
# Weekend activitygrep -E "(Sat|Sun)" ~/.local/share/nextdns-blocker/logs/audit.logPrivacy Considerations
Section titled “Privacy Considerations”What’s Logged
Section titled “What’s Logged”- Domain names
- Timestamps
- Action types
- Error messages
What’s NOT Logged
Section titled “What’s NOT Logged”- API credentials
- Full configuration
- IP addresses
- User data
Cleaning Logs
Section titled “Cleaning Logs”# Clear all logsrm ~/.local/share/nextdns-blocker/logs/*.log
# Clear old logs (keep last 3 days)find ~/.local/share/nextdns-blocker/logs -name "*.log" -mtime +3 -deleteTroubleshooting with Logs
Section titled “Troubleshooting with Logs”Sync Issues
Section titled “Sync Issues”tail -100 ~/.local/share/nextdns-blocker/logs/cron.logLook for:
- API errors
- Timeout messages
- Configuration errors
Watchdog Issues
Section titled “Watchdog Issues”tail -50 ~/.local/share/nextdns-blocker/logs/wd.logLook for:
- Job restoration events
- Missing job warnings
Unexpected Behavior
Section titled “Unexpected Behavior”# Enable verbose and capturenextdns-blocker config push --verbose 2>&1 | tee debug.logShare debug.log when reporting issues (redact API key).