DNS logging is extremely important for security operations and incident response. So much so that organizations that don't log DNS are typically quite sorry they don't when crunch time comes. On the other hand, implementing dedicated DNS logging infrastructure can increase cost and complexity. Is there a better way? I think so. My latest piece in DarkReading explains: http://www.darkreading.com/risk/an-atypical-approach-to-dns/a/d-id/1322666. Hope you enjoy.