DNS Process Plugin
The DNS process plugin provides the domain name assigned to an IP address and the other way around. The plugin takes any number of inputs (IP addresses or hostname) and an equal number of aliases to store the output. For any input provided, the plugin first verifies the value of the field. If the value is an IP address, it resolves the address to its hostname. Otherwise, it resolves the value to an IP address.
Package Details
Enhancement
|
Description |
Issue ID |
Reference ID |
|---|---|---|
|
Updated packages to ensure compatibility with Logpoint v7.6.0, preventing functional and runtime issues. |
- |
- |
Past Releases
DNS Process Plugin v3.1.0
Important Notice
It takes a longer time for the plugin to execute the process command for the unresolved IP Addresses.
Bug Fixes
-
Previously, the application did not resolve some IP addresses (spoofed IPs) to their corresponding hostnames. This has been fixed.
- The application now highlights enriched fields in the participating logs while using the join query in the process command.
Sample Log
Usage Information
General Syntax: | process dns(<IP Address or Hostname>) as <attribute_name>
For example, the "| process dns(ip) as domain_name" command resolves the ip field value to the hostname and stores the hostname to the domain_name field.
Installation
Follow these steps to install the DNS Process Plugin v3.1.0:
- Download the DNS Process Plugin package provided above in the Download section.
- Install the package by importing the pak file to LogPoint under Settings >> System >> Applications.
Comments
Please sign in to leave a comment.