Privacy - Log domains for permitted/blocked queries only

In Settings > Privacy > DNS resolver privacy level

add additional checkboxes to select domains to log:

:ballot_box_with_check: Log permitted domains
:ballot_box_with_check: Log blocked domains

I don't want to be tracking all my client's traffic, I only need to see blocked queries, to whitelist them in case they break critical features.

As an administrator, I would like to be able to control the privacy settings of logs for allowed and blocked domains separately.

As specified in the docs, there are 5 levels of privacy which applies to all logging of requests.

75% - 95% of allowed logged requests are for allowed domains. For these requests I am more concerned with privacy.

For the %5 - %25 of blocked requests I am more concerned with transparency.

Currently I have to make a choice between privacy of allowed requests and transparency of blocked requests.

I propose separate privacy controls for blocked vs allowed requests.

Doesn't fulfill API/Web interface - Query Log
Show permitted domain entries
Show blocked domain entries

your needs?

Yubiuser not sure I understand what you are trying to say?

Are you saying there might be an existing feature that meets this need - if so can you be more specific about how or where to find this feature.

Are you talking about the filter options under 'Long Term Data > Query Log'?

Those allows you to filter available queries based on blocked allowed status yes, but we are talking about being able to control how much data is available for blocked vs allowed queries independently.

  • More privacy for allowed queries
  • More visibility for blocked queries

At the moment all queries get the same privacy treatment.

No, I'm talking about options for 'Query Log'

But your're right this are just toggles for visibility not privacy.

Ah thanks for the clarification!


Please consider changing the title for this request, as hiding permitted/blocked queries is already possible.

The request should be to not log/store permitted requests at all, while only logging/storing blocked requests.

thank you, I updated the post.