DNSFilter
DNSFilter is a cloud-based DNS security and content filtering solution that protects against malware, phishing, and other web threats. DNSFilter logs provide information on DNS queries, including domain requests, categorization (e.g., malicious, safe, or blocked), and response actions. These logs help with monitoring web traffic, enforcing content filtering policies, and identifying potential security threats such as malicious domains or phishing attempts.
Ingest Methods
Setup the ingestion of this source using one of the following guides.
If using an AWS S3 bucket use the following SNS topic ARN to send your bucket notifications.
arn:aws:sns:<REGION>:253602268883:runreveal_dnsfilter
Setup
In order to ingest your DNSFilter logs you will need to export them to an AWS S3 bucket. You can reference the DNSFilter guides on how to do this.