DNS insights - BlueCat DNS Edge

DNS Edge User Guide

prodname
BlueCat DNS Edge

The DNS Insights page displays graphical analysis of all queries that have been received through the service points during the last 7 days. The information is displayed as an aggregate of domains, policies, policy actions, threat indicators, source IPs, protocols, query types, response codes, sites, and namespaces.

In the DNS Edge window, click . The DNS Insights page displays the following information:

Time Range Displays the range of time in which the information was gathered.
Query Count Displays the number of queries that were received during the specified time range.

DNS query information is represented in the following graphs:

Domains Displays the number of queries that were received for a single domain and a summary of the number of domains that were queried by multiple Source IPs (if the number of domains shown for a group of Source IPs is greater than 1).
Policies Displays the number of queries that were processed by each policy.
Actions Displays the different policy actions that were performed on each query, including the number of queries that were processed using each action.
Threat Indicators Displays the different threat indicators that the queries were categorized.
Source IPs Displays the IP addresses of different sources that requested the queries.
Protocols Displays the different protocols, such as UDP and TCP, that were used by the queries including the number of queries that used each protocol.
Query Types Displays the different record types that were requested by the queries.
Response Codes Displays the number of response codes that were returned by the queries.
Sites Displays the number of queries that were received by the different sites.
Namespaces Displays the number of queries that were received in each namespace.

Filtering queries using DNS Insights graphs

  1. In the DNS Edge window, click .
  2. Select one or more sections within the DNS Insights graph to populate the command bar with filters. The other DNS Insights graphs will react to previous selections made.
    Note: You can clear a filter selection by clicking on the selection again.
  3. Click to filter queries in the DNS Activity page.