Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
default.png

DNS Process Plugin

The DNS process plugin provides the domain name assigned to an IP address and the other way around. The plugin takes any number of inputs (IP addresses or hostname) and an equal number of aliases to store the output. For any input provided, the plugin first verifies the value of the field. If the value is an IP address, it resolves the address to its hostname. Otherwise, it resolves the value to an IP address.

For Logpoint version:

6.3.0 and later 6.0.0 to 6.2.0
Release Details
Version:3.1.0
Release date:2018-07-30
Document date:2018-07-30
SHA 256: 694b4a6e00c7dc67d74ebe212ebec3930d4c8bf0777f649c417d3bf0ac37a90b
Download

Package Details

 

 

 

 

 

 

Important Notice

The DNS process application takes a longer time to execute the process command for the unresolved IP Addresses. 

Bug Fixes

  • Previously, the application did not resolve some IP addresses (spoofed IPs) to their corresponding hostnames. This has been fixed. 

  • The application now highlights enriched fields in the participating logs while using the join query in the process command. 

Usage Information

Syntax: | process dns(IP Address or Hostname)

For example, "| process dns(destination_address)" command resolves the destination_address field value to the hostname. 

Sample Log

image2018-5-24_11_57_19.png

Installation

Follow these steps to install the DNS Process Plugin v3.1.0:

  1. Download the DNS Process Plugin package provided above in the Download section.
  2. Install the package by importing the pak file to LogPoint under Settings >> System >> Applications.
Release Details
Version:3.1.0
Release date:2018-06-22
Document date:2018-06-22
SHA 256: 694b4a6e00c7dc67d74ebe212ebec3930d4c8bf0777f649c417d3bf0ac37a90b
Download

Package Details

 

 

 

 

 

 

 

Important Notice

It takes a longer time for the plugin to execute the process command for the unresolved IP Addresses. 

Bug Fixes

  • Previously, the plugin did not resolve some IP addresses (spoofed IPs) to their corresponding hostnames. This has been fixed. 

  • The plugin now highlights enriched fields in the participating logs while using the join query in the process command.  

Usage Information

General Syntax: | process dns(<IP Address or Hostname>) as <attribute_name>

For example, the "| process dns(ip) as domain_name" command resolves the ip field value to the hostname and stores the hostname to the domain_name field. 

Screen_Shot_2018-06-04_at_11.52.55_AM__1_.png

Installation

Follow these steps to install the DNS Process Plugin v3.1.0:

  1. Download the DNS Process Plugin package provided above in the Download section.
  2. Install the package by importing the pak file to LogPoint under Settings >> System >> Applications.


Support

If you have any queries or require assistance, please feel free to contact our support team:

Email: servicedesk@logpoint.com
Phone: +45 7060 6100

Best regards,
untitled.svg

Comments

Please sign in to leave a comment.

Follow

Related articles

  • DNS Cleanup Process Plugin
  • FortiGate
  • Dovecot
  • Evaluation Process Plugin
  • Universal Normalizer
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.