Logging and monitoring in Amazon Route 53

You can configure Route 53 to log information about the queries that Route 53 receives, such as the domain or subdomain that was requested, the date and time of the request, and the DNS record type, such as A or AAAA.

For more information, see Public DNS query logging.

CloudTrail provides a record of Route 53 actions taken by a user, a role, or an Amazon service. Using the information collected by CloudTrail, you can track the requests that are made, the IP addresses that requests originate from, who made the request, when it was made, and additional details. For more information, see Logging Amazon Route 53 API calls with Amazon CloudTrail.

The Route 53 dashboard provides detailed information about the status of your domain registrations, such as the status of domain transfers and domains that are approaching the expiration date.

For more information, see Monitoring domain registrations.

You can monitor your resources by creating Route 53 health checks, which use CloudWatch to collect and process raw data into readable, near real-time metrics.

For more information, see Monitoring your resources with Amazon Route 53 health checks and Amazon CloudWatch.

You can use CloudWatch to monitor the number of DNS queries that are forwarded by Resolver endpoints.

For more information, see Monitoring Route 53 Resolver endpoints with Amazon CloudWatch.

Trusted Advisor draws upon best practices learned from serving Amazon customers. Trusted Advisor inspects your Amazon environment and then makes recommendations when opportunities exist to save money, improve system availability and performance, or help close security gaps. All Amazon customers have access to five Trusted Advisor checks. Customers with a Business or Enterprise support plan can view all Trusted Advisor checks.

For more information, see Trusted Advisor.