DNS Answer

dns_answer

The DNS Answer object represents a specific response provided by the Domain Name System (DNS) when querying for information about a domain or performing a DNS operation. It encapsulates the relevant details and data returned by the DNS server in response to a query.

Attributes

CaptionNameTypeDescription
Resource Record ClassclassStringThe class of DNS data contained in this resource record. See RFC1035. For example: IN.
DNS Header Flagsflag_idsInteger[]The list of DNS answer header flag IDs.
  • 1: Authoritative Answer (AUTHORITATIVE_ANSWER)
  • 2: Truncated Response (TRUNCATED_RESPONSE)
  • 3: Recursion Desired (RECURSION_DESIRED)
  • 4: Recursion Available (RECURSION_AVAILABLE)
  • 5: Authentic Data (AUTHENTIC_DATA)
  • 6: Checking Disabled (CHECKING_DISABLED)
  • 0: Unknown (UNKNOWN)
  • 99: Other (OTHER)
DNS Header FlagsflagsString[]The list of DNS answer header flags.
Packet UIDpacket_uidIntegerThe DNS packet identifier assigned by the program that generated the query. The identifier is copied to the response.
Raw Dataraw_dataJSONGroup:context

The event data as received from the event source.
DNS RDatardataStringThe data describing the DNS resource. The meaning of this data depends on the type and class of the resource record.
Record IDrecord_idStringGroup:primary

Unique identifier for the object
TTLttlIntegerThe time interval that the resource record may be cached. Zero value means that the resource record can only be used for the transaction in progress, and should not be cached.
Resource Record TypetypeStringThe type of data contained in this resource record. See RFC1035. For example: CNAME.
UnmappedunmappedUnmapped[]Data from the source that was not mapped into the schema.

Relationships

DNS Answer shown in context

Inbound Relationships

These objects and events reference DNS Answer in their attributes:

Outbound Relationships

DNS Answer references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0