Versions (relevant - OpenSearch/Dashboard/Server OS/Browser): 2.8
Describe the issue: I am ingesting BIND logs from a Linux DNS server and I have parsed them using Logstash. Since I wanted to use Security Analytics and rules pertaining to DNS, I am wondering what common schema I should follow. Should I use ECS or any other schema so that my rules will start matching the logs?
Configuration:
Relevant Logs or Screenshots: