Syslog Forwarding DNS Logs

DigitalStakeout PDNS supports real-time syslog log forwarding. Log forwarding is a real-time fork of your DNS log data to a target syslog server.

We do the hard work by enriching and annotating your logs with contextual information. DNS logs are known to be extremely verbose. DigitalStakeout PDNS logging automatically de-duplicates your DNS logs on 5-minute intervals. This makes DNS logs easier to consume and analyze without excessive noise and cost.
 
The detailed activity logs that are visible in the DigitalStakeout PDNS logs will be forwarded to your target. Syslog messages are forwarded in a simple, friendly imploded JSON format. Log parsers such as Logstash will be able to easily parse your logs into a usable field format.
 
Steps to Enable Syslog Forwarding

1. Generate any syslog endpoint and authorization functions in your destination tool.
2. Enable syslog forwarding in your DigitalStakeout Securd company settings.
3. View real-time DNS log data from Securd in your XDR, SIEM or log analysis tool.
 
Enable Log Forwarding in Company Settings

1. Browse to your Company global settings.

2. Click on the Logging tab.

3. Set syslog logging to enabled.

4. Enter the full hostname of your logging endpoint.

5. Enter the UDP port number of your logging endpoint.

6. Click Save.
 
Once you save your settings, log forwarding to the endpoint starts immediately. Only new logs, from the time the setting is saved, are forwarded.

If your endpoint repeatedly fails for over 15 minutes due to an authorization or configuration issue, DigitalStakeout PDNS will automatically disable log forwarding in your Company settings.
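
To confirm that forwarded events arrive and parse before pointing a SIEM at the stream, a small UDP receiver is enough. This is an added example, not DigitalStakeout code; the syslog header layout, port 5514 and the JSON field names in the sample datagrams are assumptions constructed for illustration.

```python
import json
import socket

_DECODER = json.JSONDecoder()

# Constructed sample datagrams; header text and field names are hypothetical.
SAMPLES = [
    b'<134>Jan  1 00:00:05 pdns securd: {"domain": "example.com", "action": "allowed", "count": 3}',
    b'<134>Jan  1 00:00:05 pdns securd: {"domain": "example.org", "act',  # truncated
    b'<134>Jan  1 00:00:05 pdns securd: forwarding test',                 # no JSON
]

def extract_event(datagram: bytes):
    """Return the JSON object carried in one syslog datagram, or None."""
    text = datagram.decode("utf-8", errors="replace")
    # Assumption: one JSON object follows the syslog header, so skip to the
    # first '{' instead of parsing a header layout the page does not specify.
    start = text.find("{")
    if start == -1:
        return None
    try:
        event, _ = _DECODER.raw_decode(text, start)
    except json.JSONDecodeError:
        return None  # UDP is lossy: treat truncated or malformed data as rejected
    return event if isinstance(event, dict) else None

def parse_batch(datagrams):
    """Split datagrams into parsed events and a count of rejected messages."""
    events, rejected = [], 0
    for datagram in datagrams:
        event = extract_event(datagram)
        if event is None:
            rejected += 1
        else:
            events.append(event)
    return events, rejected

def listen(host="0.0.0.0", port=5514):
    """Print each parsed event received on the UDP port configured in Company settings."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))
        while True:
            datagram, peer = sock.recvfrom(65535)
            event = extract_event(datagram)
            print(peer[0], event if event is not None else "REJECTED")

if __name__ == "__main__":
    print(parse_batch(SAMPLES))
```

A rising rejected count on the receiver points to truncation or a format mismatch at the endpoint, which is worth checking early given that repeated endpoint failures disable forwarding.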
