[Oisf-users] practical use of dns log

Christophe Vandeplas christophe at vandeplas.com
Tue Nov 26 08:49:04 UTC 2013


Hi list,


In the past I've been using another tool to do DNS logging, and now
I'd like to use Suricata for this. The format of the file is
completely different, and also a part of the interpretation (Suricata
is a LOT more verbose and complete).

DNS logging of Suricata is multiple lines per DNS request (and
response). So searching for things requires multiple greps and
filtering out duplicate ids.

I'm wondering how others use this DNS logging.
All stories (on or off-list) and practical use-cases are welcome.
I'll do my best to document these on the wiki so that others can
benefit from this info.

As far as I understand there seem to be plans to transform the logging
into json, is there already an idea about when that's to be expected?


Thanks
Kind regards
Christophe
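As an added example (not code from the post or from the Suricata project), one way to collapse the multi-line per-transaction log into a single record per lookup, so a question like "who resolved this name and what did they get back" needs no repeated greps or manual de-duplication of TX ids. The column layout and the sample lines are constructed assumptions for this example, not a Suricata format specification.

```python
import re

# Constructed sample lines in the multi-line dns.log style the post describes:
# one line per query, one line per answer record, tied together by the TX id.
# The column layout is an assumption made for this example, not a Suricata spec.
SAMPLE_LOG = """\
11/26/2013-08:49:04.000100 [**] Query TX 4242 [**] example.com [**] A [**] 10.0.0.5:51000 -> 10.0.0.1:53
11/26/2013-08:49:04.000300 [**] Response TX 4242 [**] example.com [**] A [**] TTL 300 [**] 93.184.216.34 [**] 10.0.0.1:53 -> 10.0.0.5:51000
11/26/2013-08:49:04.000400 [**] Response TX 4242 [**] example.com [**] A [**] TTL 300 [**] 93.184.216.35 [**] 10.0.0.1:53 -> 10.0.0.5:51000
11/26/2013-08:49:05.000100 [**] Query TX 4243 [**] nx.example.net [**] AAAA [**] 10.0.0.5:51001 -> 10.0.0.1:53
11/26/2013-08:49:05.000200 [**] Query TX 4242 [**] other.example.org [**] A [**] 10.0.0.9:40000 -> 10.0.0.1:53
"""

SEP = r" \[\*\*\] "
QUERY_RE = re.compile(r"^(?P<ts>\S+)" + SEP + r"Query TX (?P<tx>\d+)" + SEP
                      + r"(?P<name>\S+)" + SEP + r"(?P<type>\S+)" + SEP
                      + r"(?P<src>\S+) -> (?P<dst>\S+)$")
RESP_RE = re.compile(r"^(?P<ts>\S+)" + SEP + r"Response TX (?P<tx>\d+)" + SEP
                     + r"(?P<name>\S+)" + SEP + r"(?P<type>\S+)" + SEP
                     + r"TTL (?P<ttl>\d+)" + SEP + r"(?P<rdata>\S+)" + SEP
                     + r"(?P<src>\S+) -> (?P<dst>\S+)$")

def _new_record(m, client, server):
    return {"ts": m["ts"], "client": client, "server": server, "tx": int(m["tx"]),
            "rrname": m["name"], "rrtype": m["type"], "answers": []}

def parse_transactions(text):
    """One record per (client, TX id): the 16-bit TX id alone is not unique
    across hosts, so grepping on it conflates unrelated lookups."""
    txs = {}
    for line in text.splitlines():
        if m := QUERY_RE.match(line):
            txs[(m["src"], m["tx"])] = _new_record(m, m["src"], m["dst"])
        elif m := RESP_RE.match(line):
            # Response travels server -> client, so the client is dst here; a
            # response whose query was never logged still gets its own record.
            rec = txs.setdefault((m["dst"], m["tx"]), _new_record(m, m["dst"], m["src"]))
            rec["answers"].append({"rdata": m["rdata"], "ttl": int(m["ttl"])})
    return list(txs.values())

def lookups_of(records, rrname):
    """Who resolved this name and what came back, one entry per lookup."""
    return [(r["client"], [a["rdata"] for a in r["answers"]])
            for r in records if r["rrname"] == rrname]

def unanswered(records):
    """Queries with no logged answer record (useful for spotting noisy hosts)."""
    return [(r["client"], r["rrname"]) for r in records if not r["answers"]]
```

Keying on (client, TX id) rather than the TX id alone is what keeps the two unrelated "TX 4242" lookups in the sample apart.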

