23 lines
505 B
Plaintext
23 lines
505 B
Plaintext
##! This script adds the query with its original letter casing
|
|
##! to the DNS log.
|
|
|
|
@load base/protocols/dns/main
|
|
|
|
module DNS;
|
|
|
|
export {
|
|
redef record Info += {
|
|
## Query with original letter casing
|
|
original_query: string &log &optional;
|
|
};
|
|
}
|
|
|
|
event dns_request(c: connection, msg: dns_msg, query: string, qtype: count, qclass: count, original_query: string) &priority=5
|
|
{
|
|
if ( msg$opcode != 0 )
|
|
# Currently only standard queries are tracked.
|
|
return;
|
|
|
|
c$dns$original_query = original_query;
|
|
}
|