Explore DNS traffic analysis for malicious activity using open-source logging tools in this 33-minute conference talk from Nolacon 2016. Learn about the basics of DNS monitoring, the Tabasco story, and simple solutions to common problems. Discover various tools, including expensive options and their support levels, as well as common denominators in log processing, indexing, formatting, and shipping. Gain insights into Gray Log, Elastic Search, and DNS amplification. Examine dashboards for data visualization and understand techniques for detecting data exfiltration through DNS traffic.
Analyzing DNS Traffic for Malicious Activity Using Open Source Logging Tools