Blog

Introducing the Gravwell CoreDNS Kit

Sep 15, 2020 2:17:53 PM / by Fritz posted in Security, kits, DNS

0 Comments

What’s in a Domain Name? That which we call a CNAME by any other AAAA record would still be used by malware to steal your data. This article introduces the Gravwell CoreDNS Kit, which provides dashboards, queries, and other resources to help you quickly analyze data from a CoreDNS instance using the Gravwell CoreDNS plugin. 

Read More

Security Auditing DNS With CoreDNS and Gravwell

Jul 26, 2018 11:16:19 AM / by Kris Watts posted in Network Analytics, Case study, Logging, Security, automation, Integrations, Home Operations Center, Orchestration, DNS

0 Comments

DNS auditing is an integral part of any I.T. security program. Name resolutions can act as a great tip for discovering malware, command and control streams, or misbehaving employees. Acquiring DNS audit data can be difficult with some DNS servers (*cough* Windows *cough*); for this post we are going to show an extremely easy method of getting DNS audit data directly into Gravwell.

Read More