policy/protocols/dns/auth-addl.zeek

DNS

This script adds authoritative and additional responses for the current query to the DNS log. It can cause severe overhead due to the need for all authoritative and additional responses to have events generated. This script is not recommended for use on heavily loaded links.

Namespace

DNS

Imports

base/protocols/dns/main.zeek

Summary

Redefinitions

DNS::Info: record

New Fields

DNS::Info

auth: set [string] &log &optional

Authoritative responses for the query.

addl: set [string] &log &optional

Additional responses for the query.

dns_skip_all_addl: bool &redef

dns_skip_all_auth: bool &redef

Detailed Interface