Security-Onion-Solutions / security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
https://securityonion.net

Install passive dns logging frameworks #225

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
https://github.com/gamelinux/passivedns

Real cool and easy one!

https://www.isc.org/community/blog/201011/join-global-passive-dns-pdns-network-today-gain-effective-tools-fight-against-

The ISC one allows optional sharing of the data for research purposes (and also gives
access to their pdnsdb, which has all the data).

Original issue reported on code.google.com by elh...@gmail.com on 17 Feb 2012 at 9:47

GoogleCodeExporter commented 9 years ago
Hi elhoim,

Thanks for your suggestion!  However, we already have Bro doing DNS logging.  
It captures to the following file:
/nsm/bro/logs/current/dns.log

To avoid duplication of effort and wasting CPU/RAM resources, I'd rather not 
install any other DNS logging frameworks.  

Thanks,
Doug

Original comment by doug.bu...@gmail.com on 17 Feb 2012 at 11:54
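
Added example, not part of the original thread or the Security Onion project: one way to derive a passive-DNS-style view (first seen, last seen and hit count per query/type/answer) from the Bro `dns.log` mentioned above. It assumes Bro's tab-separated ASCII log layout with a `#fields` header line; the sample rows and the `passive_dns` helper are constructed for illustration.

```python
from collections import namedtuple

# Constructed sample in Bro's ASCII log layout (tab-separated, "#fields" header).
# A real dns.log has more columns; only the ones named in the header are used.
SAMPLE = "\n".join([
    "#separator \\x09",
    "#fields\tts\tid.orig_h\tquery\tqtype_name\tanswers",
    "1329472020.0\t10.0.0.5\texample.test\tA\t192.0.2.10,192.0.2.11",
    "1329472080.0\t10.0.0.7\tEXAMPLE.test\tA\t192.0.2.10",
    "1329472100.0\t10.0.0.5\tmissing.test\tA\t-",
    "1329472200.0\t10.0.0.9\texample.test\tAAAA\t2001:db8::1",
])

Record = namedtuple("Record", "first_seen last_seen count")


def passive_dns(lines):
    """Aggregate dns.log rows into {(query, qtype, answer): Record}."""
    fields, table = [], {}
    for line in lines:
        line = line.rstrip("\n")
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]  # column names follow the tag
            continue
        if not line or line.startswith("#") or not fields:
            continue  # other header/footer lines, or data before a header
        row = dict(zip(fields, line.split("\t")))
        answers = row.get("answers", "-")
        if answers in ("-", "(empty)"):
            continue  # unset or empty answer set: nothing to record
        ts = float(row["ts"])
        for answer in answers.split(","):  # Bro joins set members with ","
            # DNS names are case-insensitive, so normalise the query name.
            key = (row["query"].lower(), row.get("qtype_name", "-"), answer)
            old = table.get(key)
            if old is None:
                table[key] = Record(ts, ts, 1)
            else:
                table[key] = Record(min(old.first_seen, ts),
                                    max(old.last_seen, ts), old.count + 1)
    return table


if __name__ == "__main__":
    for key, rec in sorted(passive_dns(SAMPLE.splitlines()).items()):
        print(key, rec)
```

To run it against a live sensor, pass an open file handle for `/nsm/bro/logs/current/dns.log` instead of the sample lines.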