Hey Folks,
I am ingesting BIND logs into OD and wondering if any one has every configured use case for detecting DNS DGA or tunneling attack? Or even I am thinking to ingest the packetbeat logs
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Possible dns tunneling/ high dns requests rate/ high dns bytes out | 0 | 85 | May 13, 2024 | |
| Cisco ASA Firewall Message Ingestion | 1 | 1041 | February 7, 2023 | |
| Security Analytics for DNS logs | 1 | 476 | September 10, 2023 | |
| Domain struck in processing state | 1 | 276 | January 27, 2022 | |
| Root cause analysis using Open Distro 7.10.2 | 1 | 316 | August 8, 2022 |