Log Monitoring

Davis, Donald W Donald.Davis at unisys.com
Thu Aug 7 14:17:09 UTC 2014


I am looking for scripts that can be used to parse and monitor the DNS logs for suspicious activity.
I have enabled full logging and am currently using the DNSAnomalyDetection script written by Dr. Johannes Ullrich.  This script gives me the daily top 10 requests based on the query logs.
Does anyone have other scripts they are willing to share?  I do not have Splunk.

Thanks,
Don
