2 Replies Latest reply on Nov 18, 2014 9:55 AM by alexander_h

    Analyzing DNS Query Logging

    evil242

      I've set my two Infoblox internal DNS servers to log queries because I want to see if I am getting external queries to these boxes.  But I am not seeing the query requests getting sent to ESM server.  I see all other Infoblox type logs getting sent, just not DNS queries.  Any ideas what I am missing?

       

      Once I am actually receiving the data, I want to correlate all destination IP addr to two IP addresses and all destinations external to my controlled network.  How would I best go about doing that?

       

      Thanks in advance,