adulau / pdns-qof

Passive DNS Common Output Format
https://datatracker.ietf.org/doc/draft-dulaunoy-dnsop-passive-dns-cof/
36 stars 15 forks source link
network-security passive-dns

Passive DNS - Common Output Format

This document describes the output format used between Passive DNS query interface. The output format description includes also a common meaning per Passive DNS system.

This format originated as a discussion between Aaron Kaplan, Paul Vixie, Henry Stern and Alexandre Dulaunoy (Adulau) in ~ 2011. It was submitted to the IETF in 2014 and since then had a few minor updates. The last revision was publish the 11th February 2022.

It is being used by multiple operators of passive DNS services to offer an identical output format for queries to a passive DNS database. This allows the person issuing the query to combined and/or compare results.

The output format is in JSON.

How to Contribute to the Document

You can make pull request to the xml document. We are looking for comments from passive DNS developers in order to improve the document.

IETF Internet-Draft

Users and Use-cases