Amazon AWS Route 53 DSM specifications
The IBM QRadar DSM for Amazon AWS Route 53 supports Public DNS log events that are collected from a log group in AWS CloudWatch Logs. Resolver query events that are collected from Amazon S3 buckets and from a log group in the AWS CloudWatch logs are also supported.
When you configure Amazon AWS Route 53, understanding the specifications for the Amazon AWS Route 53 DSM can help ensure a successful integration. For example, knowing what the supported protocols are before you begin can help reduce frustration during the configuration process.
The following table describes the specifications for the Amazon AWS Route 53 DSM.
Specification | Value |
---|---|
Manufacturer | Amazon |
DSM name | Amazon AWS Route 53 |
RPM file name | DSM-AmazonAWSRoute53-QRadar_version-build_number.noarch.rpm |
Protocol |
|
Event format |
|
Recorded event types | Event versions 1.0 |
Automatically discovered? | Yes |
Includes identity? | No |
Includes custom properties? | No |
More information |
For more information about Public DNS query logs, see the Amazon website (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) For more information about Resolver query logging, see the Amazon website (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-query-logs.html) |