09-10-2018 07:44 AM
Has any one managed to Create a dashboard or report that shows top DNS talkers that then allows you to Drill down by clicking on one of the top talkers in the list, to see what the top talker is querying ?
e.g could have a crazy linux server in the list , but i want to see what it is querying as , it could be infected or badly configured.
is it possible ? Or is there lots of bells , hoops and whistles to go through ?
09-17-2018 07:18 AM
It is possible and not too hard but I have not done it, you have to get the source ip as a parameter for the search in the drilldown.
09-17-2018 05:26 PM