DNS response event - BlueCat Address Manager - 9.4.0

{
    "dataType": "Message",
    "dataTypeId": 1,
    "key": "7bed8160-c8a1-4cb1-8a28-463909aa6844",
    "messageType": "ClientResponse",
    "messageTypeId": 6,
    "payloadType": "dnstap",
    "responseAddress": "127.0.0.1",
    "responseData": {
        "answers": [
            {
                "class": "IN",
                "domainName": "h1.example.com.",
                "rData": "10.0.0.10",
                "recordType": "A",
                "recordTypeId": 1,
                "ttl": 3600
            }
        ],
        "fullRcode": 0,
        "header": {
            "aa": true,
            "ad": false,
            "anCount": 1,
            "arCount": 1,
            "cd": false,
            "id": 17940,
            "nsCount": 0,
            "opcode": 0,
            "qdCount": 1,
            "qr": 1,
            "ra": false,
            "rcode": 0,
            "rd": true,
            "tc": false
        },
        "opt": {
            "do": false,
            "ednsVersion": 0,
            "extendedRcode": 0,
            "options": [
                {
                    "optCode": 10,
                    "optName": "Cookie",
                    "optValue": "hbbDFmHUM9wBAAAAX1q1McL4KhalWTS3"
                }
            ],
            "udpPayloadSize": 4096
        },
        "question": [
            {
                "class": "IN",
                "domainName": "h1.example.com.",
                "questionType": "A",
                "questionTypeId": 1
            }
        ],
        "rcodeName": "NoError",
        "time": 1599780145568110352,
        "timePrecision": "ns"
    },
    "responsePort": 0,
    "serverId": "ubuntu-dev",
    "serverVersion": "BIND 9.16.5",
    "socketFamily": "INET",
    "socketProtocol": "UDP",
    "sourceAddress": "127.0.0.1",
    "sourceId": "421bce7d-b4e6-b705-6057-7039628a9847",
    "sourcePort": 60001,
    "time": 1599780145568110352,
    "timePrecision": "ns"
}

• dataType—the dnstap data type. Currently, only the Message type is defined.
• dataTypeId—the numeric ID of the dnstap data type.
• key—the unique event ID of the message.
• messageType—identifies the type of DNS message. For more information, refer to DNS message types.
• messageTypeId—the numeric ID of the DNS message type.
• payloadType—the event payload type. Currently, only the dnstap type is defined.
• responseAddress—the IP address of the message responder.
• answer—the content of the resource record body of the DNS query message as outlined in RFC1035.
• fullRcode—the full EDNS response code value.
• header—the content of the header of the DNS message as outlined in RFC1035.
• opt—the content of the OPT record definition of the EDNS message as outlined in RFC6891.
• question—the content of the question body of the DNS query message as outlined in RFC1035.
• rcodeName—the response code from the request.
• responsePort—the transport port of the message responder.
• serverId—the ID of the DNS server.
• serverVersion—the BIND version running on the DNS server.
• socketFamily—the network protocol family of the socket.
• socketProtocol—the transport protocol of the socket.
• sourceAddress—the IP address of the message sender.
• sourceId—the system UUID of the DNS server.
• sourcePort—the transport protocol of the message initiator.
• time—the time that the response message was received or sent by the DNS server.
• timePrecision—the measurement of the value in time. The measurement is in nanoseconds (ns).