Go to file

Alexandre Dulaunoy 4ed585a5b7 chg: [doc] Basic README added		2019-02-03 17:30:04 +01:00
bin	chg: [cof-server] some logging fixed	2019-02-02 20:13:01 +01:00
etc	chg: [pdns analyzer] proper logging	2019-02-02 16:27:03 +01:00
LICENSE	chg: [doc] Basic README added	2019-02-03 17:30:04 +01:00
README.md	chg: [doc] Basic README added	2019-02-03 17:30:04 +01:00
install_server.sh	add: [install] install script - minimal server requires Redis >5.0	2019-01-31 07:44:04 +01:00
requirements	chg: [requirements] for the cof server added	2019-02-02 17:40:06 +01:00

README.md

analyzer-d4-passivedns

analyzer-d4-passivedns is an analyzer for a D4 network sensor. The analyser can process data produced by D4 sensors (in passivedns CSV format (more to come)) and ingest them into a Passive DNS server which can be queried later to search for the Passive DNS records.

Features

A D4 analyzer which can be plugged to one or more D4 servers to get a stream of DNS records
A compliant Passive DNS ReST server compliant to Common Output Format
A flexible and simple analyser which can be configured to collect the required records from DNS records

Requirements

Python 3
Redis >5.0
Tornado
iptools

License

The software is free software/open source released under the GNU Affero General Public License version 3.