DNS_QUERY_V View
This view provides raw historic data about DNS queries.
Lacework regularly monitors for DNS queries in your environment and returns a row in the DNS_QUERY_V view when Lacework detects a DNS query.
Each row contains DNS Query information as listed in the columns.
| Column Name | Data Type | Description |
|---|---|---|
| CREATED_TIME | Timestamp | The time and date when the DNS query was detected by Lacework. |
| MID | Number | The Lacework-generated machine identifier of the machine that generated the query. |
| FQDN | Text | The fully qualified domain name of DNS server. |
| HOST_IP_ADDR | Text | The IP address of the machine that generated the query. |
| TTL | Number | The time to live for the DNS query before the query expires. |
| DNS_SERVER_IP | Text | The resulting IP address of the DNS query. |