Jump to content

F5 DNS Splunk Values

rev.dennis

Entry posted by rev.dennis

143 views

 Share

So we have a bunch of GTM (or BIGIP-DNS) log data in Splunk and most don't know what the heck all of these different fields mean.

  • QID:
  • Host (GMT):
  • src:
  • dest
  • reply_code
  • reply_code_id
  • query
  • answer
  • answer_count
  • message_type
  • query_type
  • record_type.

I suppose I will take a crack at it and see if I can find explanations of each field.

QID (query ID)

You can trace a query and response based on the QID#

 

 Share

0 Comments

Recommended Comments

There are no comments to display.

Guest
Add a comment...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×

Announcements



×
×
  • Create New...

Important Information

Privacy Policy

  I accept