Amazon AWS Route 53 DSM specifications

The IBM QRadar DSM for Amazon AWS Route 53 supports Public DNS log events that are collected from a log group in AWS CloudWatch Logs. Resolver query events that are collected from Amazon S3 buckets and from a log group in the AWS CloudWatch logs are also supported.

When you configure Amazon AWS Route 53, understanding the specifications for the Amazon AWS Route 53 DSM can help ensure a successful integration. For example, knowing what the supported protocols are before you begin can help reduce frustration during the configuration process.

The following table describes the specifications for the Amazon AWS Route 53 DSM.

Table 1. Amazon AWS Route 53 DSM specifications
Specification Value
Manufacturer Amazon
DSM name Amazon AWS Route 53
RPM file name DSM-AmazonAWSRoute53-QRadar_version-build_number.noarch.rpm
Protocol
Event format
  • JSON (Resolver query logs)
  • Space delimited pre-defined fields (Public DNS query logs)
Recorded event types Event versions 1.0
Automatically discovered? Yes
Includes identity? No
Includes custom properties? No
More information

For more information about Public DNS query logs, see the Amazon website (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html)

For more information about Resolver query logging, see the Amazon website (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-query-logs.html)