DNS Server logs to monitor traffic.

I don't understand a lot about this so hopefully someone can explain.

I have a home server set up with a DNS Server successfully running on my Mac mini (primary DNS server for the house).

I was wondering if there's a way to capture the DNS Server logs and monitor websites visited from specific IPs/hostnames?

Mac mini, OS X Server

Posted on Mar 29, 2016 4:19 PM

Question marked as Top-ranking reply

Posted on Apr 11, 2016 7:48 AM

If you want to monitor what websites are visited by users in your home then the DNS log will only be partially helpful. The normal approach for this requirement is to set up a proxy server and get all your devices to access websites via the proxy server.


Squid is a free proxy server and it is possible to install it on OS X. See http://www.squid-cache.org/


You will need the Xcode command line tools installed in order to be able to install Squid. While you can manually configure each Mac, PC, or iOS device to point them to the Squid proxy server, it is also possible to create a PAC (aka WPAD.dat) file to be used for auto-configuring the devices. See https://en.wikipedia.org/wiki/Proxy_auto-config


This file would be used in conjunction with Web Proxy Auto Discovery (WPAD), a protocol invented by Microsoft. Apple support this protocol and it is listed as 'Auto Proxy Discovery' in Advanced in Network Settings.


The Squid log will then list all web activity against the IP address of the device that accessed it. Optionally one can configure Squid to require users to authenticate with a user name and password before being allowed access. This would then allow Squid to also log activity against that user name.


Warning: Squid logs every single web resource accessed, not just an individual webpage, so it will therefore typically list dozens of items for a single page, i.e. all the graphics etc. As some of these will be adverts from other websites, you might get confused by the fact that a webpage on, say, CNN includes, hypothetically, an address from Facebook.
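An added example, not part of the reply above: a short Python summary of a Squid access log that groups requests by client (and by user name when Squid authentication is on) and separates "pages" from the embedded images, scripts and adverts the warning describes. The log lines are constructed samples in Squid's default native log format; the addresses, the user `alice` and `ads.example.net` are made up.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid's default native access.log format:
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1460360881.101    212 192.168.1.23 TCP_MISS/200 48211 GET http://www.cnn.com/ - HIER_DIRECT/203.0.113.10 text/html
1460360881.340     95 192.168.1.23 TCP_MISS/200 10422 GET http://www.cnn.com/img/logo.png - HIER_DIRECT/203.0.113.10 image/png
1460360881.512    130 192.168.1.23 TCP_MISS/200 2210 GET http://ads.example.net/banner.js - HIER_DIRECT/203.0.113.77 application/javascript
1460360882.007   5012 192.168.1.23 TCP_TUNNEL/200 39120 CONNECT www.facebook.com:443 - HIER_DIRECT/203.0.113.35 -
1460360890.450    180 192.168.1.40 TCP_MISS/200 15200 GET http://www.example.org/news alice HIER_DIRECT/203.0.113.50 text/html
not a squid line
"""

def parse_line(line):
    """Return (client, user, host, is_page) or None for a malformed line."""
    f = line.split()
    if len(f) < 10:
        return None
    client, method, url, user, ctype = f[2], f[5], f[6], f[7], f[9]
    if method == "CONNECT":
        # HTTPS tunnel: the proxy sees only host:port, never the page path.
        host = url.rsplit(":", 1)[0]
    else:
        host = urlsplit(url).hostname
    if not host:
        return None
    # Heuristic: HTML responses and HTTPS tunnels approximate "sites visited".
    is_page = method == "CONNECT" or ctype.startswith("text/html")
    return client, user, host.lower(), is_page

def summarize(log_text):
    """Per client: every host contacted, and the hosts that served pages."""
    hosts, pages = defaultdict(Counter), defaultdict(Counter)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        client, user, host, is_page = rec
        who = client if user == "-" else f"{client} ({user})"
        hosts[who][host] += 1
        if is_page:
            pages[who][host] += 1
    return hosts, pages

if __name__ == "__main__":
    for who, counter in summarize(SAMPLE_LOG)[1].items():
        print(who, dict(counter))
```

For HTTPS the log holds only the `CONNECT` host and port, so the page-level detail available for plain HTTP is not there.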

3 replies

Apr 10, 2016 9:24 AM in response to Community User

I don't have an example of doing this immediately available, and I expect that this will involve parsing either a manually-created output channel or otherwise rummaging the DNS server logs.


If your firewall blocks all outbound DNS traffic except DNS queries originating on the server (this to avoid bypassing the DNS server, save via VPN or such), you can enable additional logging via the command line and then check the DNS server logs.


This configuration is probably more commonly implemented with either a network sniffer watching for DNS queries arriving at your server, or maybe a web proxy server, as that proxy server gets you the client information and the target host information, particularly given there'll be all sorts of not-web-related activity in the DNS logs for a typical client.


Apps' network activity, app updates (various of which can appear to be HTTPS traffic, too), various data feeds, etc.


HTTPS and VPNs can throw a wrench into these eavesdropping and data-collection activities, unfortunately. They can either mask the access or hide the entire DNS query, depending on the computer(s) being monitored.


There are purpose-built approaches here including filtering (or logging) firewalls and OS X mechanisms such as Parental Controls, depending on the particular details of your requirements here. There are examples posted around the network of using Wireshark or tcpdump to acquire DNS data from your network, as well.


Details on managing BIND 9 from the command line — which is where this is headed — are available in the ISC BIND documentation, such as 9.10. Look for the logging statement grammar and setting up an output channel, as a starting point.


For the recent OS X Server releases, the BIND configuration files are located under /Library/Server. (See this discussion, as well.)


Modifications to the configuration files can sometimes derail Server.app, unfortunately. Shut down Server.app, make a copy of the file, incorporate the changes, then restart Server.app (and hopefully Server.app either doesn't tip over or revert your changes).
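An added example, not part of the reply above: once BIND's `queries` logging category is routed to an output channel, a parser like this one lists the names each client looked up and drops the non-address lookups that clutter a typical client's DNS activity. The log lines are constructed samples in the BIND 9 query-log layout with timestamps enabled; the addresses and names are made up, and 192.168.1.2 stands in for the DNS server.

```python
import re
from collections import Counter, defaultdict

# Constructed sample of BIND 9 query-log lines (category "queries") written
# with print-time enabled, plus one unrelated line from another category.
SAMPLE_LOG = """\
11-Apr-2016 07:48:01.123 client 192.168.1.23#53124 (www.cnn.com): query: www.cnn.com IN A + (192.168.1.2)
11-Apr-2016 07:48:01.130 client 192.168.1.23#53125 (www.cnn.com): query: www.cnn.com IN AAAA + (192.168.1.2)
11-Apr-2016 07:48:02.004 client 192.168.1.23#61001 (_ldap._tcp.example.lan): query: _ldap._tcp.example.lan IN SRV + (192.168.1.2)
11-Apr-2016 07:48:05.870 client 192.168.1.40#40110 (updates.example.com): query: updates.example.com IN A + (192.168.1.2)
11-Apr-2016 07:48:06.001 client 192.168.1.40#40111 (2.1.168.192.in-addr.arpa): query: 2.1.168.192.in-addr.arpa IN PTR + (192.168.1.2)
11-Apr-2016 07:48:07.500 general: info: zone example.lan/IN: loaded serial 2016041101
"""

# Newer BIND releases add "@0x..." after "client" and may add "view NAME:".
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ "
    r"\([^)]*\): (?:view \S+: )?query: (?P<name>\S+) (?P<cls>\S+) (?P<type>\S+)"
)

def queries_by_client(log_text, types=("A", "AAAA")):
    """Map client IP -> Counter of names looked up with the given record types."""
    seen = defaultdict(Counter)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m is None:
            continue  # not a query line (zone loads, errors, ...)
        if m["type"] not in types:
            continue  # PTR, SRV, TXT ...: reverse lookups, service discovery
        # A and AAAA lookups for one name are counted separately.
        seen[m["ip"]][m["name"].rstrip(".").lower()] += 1
    return seen

if __name__ == "__main__":
    for ip, names in queries_by_client(SAMPLE_LOG).items():
        print(ip, dict(names))
```

Address lookups still include app updates and data feeds, so the result is a list of names resolved per client, not a list of websites visited.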

Apr 11, 2016 7:51 AM in response to Community User

Thank you for replying. And so rapidly. Sorry for such a late reply!

Both these replies are really useful (a way more in-depth reply than I was expecting)

Thank you
