It's not powerdns specific, but we have been using packetbeat for that sort
of work.
Chris Stradtman
On Mon, Apr 2, 2018 at 6:06 AM, Brian Candler wrote:
> I'm investigating how to monitor DNS queries as a source of security
> information for breach detection. In the case of client machines, w
I'm investigating how to monitor DNS queries as a source of security
information for breach detection. In the case of client machines, we
can check the queries against a blacklist of known C&C or malware
domains; in the case of servers, we know they should only be making
outbound connections t
