What is the difference between DNS Query and DNS Query Capture in the Report Category?

sheushen · ‎06-13-2019

As per title

Thank you.

brucemcgreggor · ‎06-14-2019

A DNS query (also known as a DNS request) is a demand for information sent from a user's computer (DNS client) to a DNS server. By this, you can capture DNS queries for student help online.

sheushen · ‎07-24-2019

What is DNS Query Capture then?

EChan_1 · ‎07-29-2019

You can see the DNS query is stored in the index called"ib_dns/ib_dns_summary", where the DNS query capture stored in the ib_dns_capture.

The DNS Query store all the DNS statistic information including the top clients, qps trend, requested domain, CHR etc. However, this category is a summary of DNS utilization only.

If you would like to obtains "DNS Top Clients Per Domain", "DNS Query Trend Per IP Block Group", and "DNS RPZ Rule Hit Configuration", you need to enable the feature in the "DNS" under Reporting properties.

If you are looking for the the detail relationship between clients and the requested DNS RR, you need to turn on the DNS query Capture. for examples: "DNS Top Clients by Query Type", "DNS Domains Queried by Client".

Please remind that if the DNS query capture category is enabled, it may use a large number of indexing capacity and storage.

Eric

THE GAME HAS CHANGED

NIOS DNS DHCP IPAM

What is the difference between DNS Query and DNS Query Capture in the Report Category?

Re: What is the difference between DNS Query and DNS Query Capture in the Report Category?

Re: What is the difference between DNS Query and DNS Query Capture in the Report Category?

Re: What is the difference between DNS Query and DNS Query Capture in the Report Category?