Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Suricata eve.json DNS processing #49

Closed
chrisforce1 opened this issue Dec 13, 2017 · 0 comments
Closed

Support Suricata eve.json DNS processing #49

chrisforce1 opened this issue Dec 13, 2017 · 0 comments
Assignees
@krhubert

Comments

@chrisforce1
Copy link
Contributor

Similar to #48, we need to support local pickup and processing of DNS events from Suricata eve.json. The schema is described here and we should look for "type": "query" events and then pull timestamp, source (IP), rrname, and rrtype values to send to the API for scoring.
@chrisforce1 chrisforce1 changed the title Support Suricata eve.json processing Support Suricata eve.json DNS processing Dec 14, 2017
@chrisforce1 chrisforce1 mentioned this issue Dec 14, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@krhubert krhubert

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@krhubert @chrisforce1