Hey Folks,
I am ingesting BIND logs into OD and wondering if any one has every configured use case for detecting DNS DGA or tunneling attack? Or even I am thinking to ingest the packetbeat logs
Hey Folks,
I am ingesting BIND logs into OD and wondering if any one has every configured use case for detecting DNS DGA or tunneling attack? Or even I am thinking to ingest the packetbeat logs