mwullink
commented
4 days ago We could add an optional column to the Parquet output to write rdata from all response RRs?
The column would need to use a complex type, an example for a response containing an A and AAAA RR could look like this:
[ { type: 'A', rdata: '1.2.3.4' }, { type: 'AAAA', rdata: 'dead:beef:ca1f' }, ]
ukkarikari
At present the only drawback we are facing is that ENTRADA2 does not store data from the DNS response message, such as the address that the DNS query resolves to. We would like to ask if this feature is something planned in the future of ENTRADA2 development, as this feature is integral to certain use cases present in our current research, such as the identification of common resolved addresses, leading to the discovery of related domains/IPs.