atomic-threat-coverage/data_needed/DN_0099_Bind_DNS_query.yml
2019-10-25 01:35:40 +02:00

title: DN_0099_Bind_DNS_query
description: >
  DNS Query from BIND Server
loggingpolicy:
- LP_0047_BIND_DNS_queries
references:
- None
category: DNS Logs
platform: Linux
type: queries log
channel: queries_log
provider: BIND
fields:
- date
- query_type
- client_ip
- domain_name
- source_ip
sample: |
  25-Oct-2019 01:22:19.421 queries: info: client 192.168.1.200#51364 (yahoo.com): query: yahoo.com IN TXT + (192.168.1.235)