Syslog Forwarding DNS Logs

Securd supports real-time syslog log forwarding. Log forwarding is a real-time fork of your DNS log data to a target syslog server.

We do the hard work by enriching and annotating your logs with contextual information. DNS logs are known to be extremely verbose. Securd logging automatically de-duplicates your DNS logs at 5-minute intervals. This makes DNS logs easier to consume and analyze without excessive noise and cost.
 
The detailed activity logs that are visible in the Securd logs will be forwarded to your target. Syslog messages are forwarded in a simple, friendly imploded JSON format. Log parsers such as Logstash will be able to easily parse your logs into a usable field format.
 
Steps to Enable Syslog Forwarding
  1. Generate any Syslog endpoint and authorization functions in your destination tool.
  2. Enable syslog forwarding in Securd company settings.
  3. View real-time DNS log data from Securd in your XDR, SIEM or Log Analysis tool!

Enable Log Forwarding in Company Settings
  1. Browse to your Company global settings.
  2. Click on the Logging tab.
  3. Set syslog logging to enabled.
  4. Enter the full hostname of your logging endpoint.
  5. Enter the UDP port number of your logging endpoint.
  6. Click Save.

Once you save your setting, logs will immediately start forwarding to the endpoint. Only new logs, from the time the setting is saved, will be forwarded.

If your endpoint repeatedly fails over 15 minutes due to an authorization or configuration issue, Securd will automatically disable log forwarding in your Company settings.
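
A small test receiver for checking the UDP forwarding and JSON payload described above before pointing it at a production SIEM. This is an added example, not Securd code: the port 5514, the sender address 203.0.113.10 and the sample field names are assumptions, and because the page does not say whether a syslog header precedes the JSON, parsing starts at the first `{`.

```python
import json
import socket

# Assumption: address Securd forwards from. Placeholder (TEST-NET-3), not from the page.
ALLOWED_SOURCES = {"203.0.113.10"}

def extract_json(datagram: bytes):
    """Return the JSON object carried in one syslog datagram, or None."""
    text = datagram.decode("utf-8", errors="replace")
    start = text.find("{")  # skip any syslog header (PRI, timestamp, host)
    if start == -1:
        return None
    try:
        obj, _end = json.JSONDecoder().raw_decode(text[start:])
    except json.JSONDecodeError:
        return None  # truncated or non-JSON payload
    return obj if isinstance(obj, dict) else None

def handle(datagram: bytes, source_ip: str):
    """Parse a datagram only if it comes from an expected sender.

    Plain UDP syslog carries no authentication, so this is a coarse filter;
    UDP source addresses can be spoofed, so also restrict the port at the firewall.
    """
    if source_ip not in ALLOWED_SOURCES:
        return None
    return extract_json(datagram)

def serve(bind_addr="0.0.0.0", port=5514):
    """Listen on the UDP port entered in the Logging tab (5514 is an assumption)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_addr, port))
    while True:
        data, (ip, _port) = sock.recvfrom(65535)
        event = handle(data, ip)
        if event is None:
            print(f"dropped datagram from {ip}")
        else:
            print(json.dumps(event, sort_keys=True))

# Constructed sample datagram; field names are illustrative, not Securd's schema.
SAMPLE = b'<134>Jan  1 00:00:00 securd dns: {"query": "example.com", "action": "allow"}'

if __name__ == "__main__":
    print(handle(SAMPLE, "203.0.113.10"))  # offline check; call serve() to listen
```

Since forwarding starts as soon as the setting is saved, start the receiver first and confirm that parsed events, not dropped datagrams, are printed.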
