I am successfully using elasticsearch, kibana and ntopng to collect, monitor and display network traffic patterns. I need information on how to get elasticsearch to perform a dns lookup of source and destination network addresses. i hae not been able to find much documentation on this subject. i am not using logstach, which has a dns filter that performs this function. Any assistance would be greatly appreciated.
Regards
You want Elasticsearch to perform DNS lookups of IP address and/or hostname fields as part of the indexing? There's no such feature but it should be possible to accomplish with a plugin.
Thanks you for your prompt response! Is there a plugin available that can provide this feature. If so how may i acquire it.
Thanks
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.