policy/protocols/dns/auth-addl.zeek

DNS

This script adds authoritative and additional responses for the current query to the DNS log. It can cause severe overhead due to the need for all authoritative and additional responses to have events generated. This script is not recommended for use on heavily loaded links.

Namespace:DNS
Imports:base/protocols/dns/main.zeek

Summary

Redefinitions

DNS::Info: record
New Fields:

DNS::Info

auth: set [string] &log &optional

Authoritative responses for the query.

addl: set [string] &log &optional

Additional responses for the query.

dns_skip_all_addl: bool &redef  
dns_skip_all_auth: bool &redef  

Detailed Interface