aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

doc: add documentation for SRV DNS JSON structure

Browse Source
pull/5644/head
Sascha Steinbiss 5 years ago committed by Victor Julien
parent 08a6f1441a
commit 15c42e0d83
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File

7
doc/userguide/output/eve/eve-json-format.rst
Unescape Escape View File

@ -422,6 +422,13 @@ More complex DNS record types may log additional fields for resource data:
* "algo": Algorithm number (ex: 1 for RSA, 2 for DSS)
* "type": Fingerprint type (ex: 1 for SHA-1)
* "srv": section containing fields for the SRV (location of services) record type
* "target": Domain name of the target host (ex: ``foo.bar.baz``)
* "priority": Target priority (ex: 20)
* "weight": Weight for target selection (ex: 1)
* "port": Port on this target host of this service (ex: 5060)
One can control which RR types are logged by using the "types" field in the
suricata.yaml file. If this field is not specified, all RR types are logged.
More than 50 values can be specified with this field as shown below:

Write Preview
Loading…
Cancel
Save