policy/protocols/dns/auth-addl.zeek

DNS

This script adds authoritative and additional responses for the current query to the DNS log. It can cause severe overhead due to the need for all authoritative and additional responses to have events generated. This script is not recommended for use on heavily loaded links.

Namespace:

DNS

Imports:

base/protocols/dns/main.zeek

Summary

Redefinitions

DNS::Info: record

New Fields:

DNS::Info

auth: set [string] &log &optional

Authoritative responses for the query.

addl: set [string] &log &optional

Additional responses for the query.

dns_skip_all_addl: bool &redef

dns_skip_all_auth: bool &redef

Detailed Interface