[Oisf-users] dns log
Michael Stone
mstone at mathom.us
Fri Dec 23 18:21:49 UTC 2016
On Fri, Dec 23, 2016 at 10:08:34AM -0500, David Zawdie wrote:
>Not aware of Suricata not logging in cases where there is no DNS response. Is
>that something you're seeing, and if so, what version of Suricata?
It's pretty easy to reproduce: send a DNS query to a machine that isn't
a DNS server and see if it shows up in dns.log. It doesn't for me on 3.2.
The query *does* show up in eve json log if dns logging is enabled
there, but not in the standard dns.log.
Mike Stone
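
Since the message above says the unanswered query does appear in the EVE JSON log, the following added example (not part of the original post and not Suricata code) pairs query and answer events from that log and lists the queries that never received a response. The sample records are constructed, and the field names assume the Suricata 3.x EVE DNS record layout.

```python
import json

# Constructed sample EVE lines (not from the post). Field names assume the
# Suricata 3.x EVE DNS layout: one event per query and one per answer record.
SAMPLE_EVE = """\
{"timestamp":"2016-12-23T18:00:01.000000+0000","event_type":"dns","src_ip":"192.0.2.10","src_port":40001,"dest_ip":"192.0.2.53","dest_port":53,"proto":"UDP","dns":{"type":"query","id":4660,"rrname":"example.com","rrtype":"A","tx_id":0}}
{"timestamp":"2016-12-23T18:00:01.020000+0000","event_type":"dns","src_ip":"192.0.2.53","src_port":53,"dest_ip":"192.0.2.10","dest_port":40001,"proto":"UDP","dns":{"type":"answer","id":4660,"rcode":"NOERROR","rrname":"example.com","rrtype":"A","ttl":300,"rdata":"198.51.100.7"}}
{"timestamp":"2016-12-23T18:00:05.000000+0000","event_type":"flow","src_ip":"192.0.2.10","dest_ip":"192.0.2.77","proto":"UDP"}
{"timestamp":"2016-12-23T18:00:05.000000+0000","event_type":"dns","src_ip":"192.0.2.10","src_port":40002,"dest_ip":"192.0.2.77","dest_port":53,"proto":"UDP","dns":{"type":"query","id":4661,"rrname":"example.org","rrtype":"A","tx_id":0}}
{"timestamp":"2016-12-23T18:00:09.0000
"""


def unanswered_queries(lines):
    """Return EVE DNS query events that have no matching answer event."""
    pending = {}
    for line in lines:
        try:
            ev = json.loads(line)
        except ValueError:
            continue  # blank or truncated line (e.g. log rotated mid-write)
        if not isinstance(ev, dict) or ev.get("event_type") != "dns":
            continue
        dns = ev.get("dns", {})
        src = (ev.get("src_ip"), ev.get("src_port"))
        dst = (ev.get("dest_ip"), ev.get("dest_port"))
        if dns.get("type") == "query":
            # Key on client endpoint, server endpoint and DNS transaction id.
            pending[(src, dst, dns.get("id"))] = ev
        elif dns.get("type") == "answer":
            # Answers travel server -> client, so the endpoints are swapped.
            # pop() with a default tolerates several answer records per query.
            pending.pop((dst, src, dns.get("id")), None)
    return list(pending.values())


if __name__ == "__main__":
    for ev in unanswered_queries(SAMPLE_EVE.splitlines()):
        print(ev["timestamp"], ev["src_ip"], "->", ev["dest_ip"],
              ev["dns"]["rrname"], ev["dns"]["rrtype"])
```

On a live sensor, pass an open file handle for eve.json instead of the sample; queries still in flight at the end of the file will also be listed.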