ISC BIND sample event message

Use this sample event message to verify a successful integration with IBM® QRadar®.

Important: Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.

ISC BIND sample message when you use the Syslog protocol

The following sample event message shows an address query.

<158>Sep 28 14:19:30 isc.bind.test named2[1885]: client @0a0a00000a0a00 ( query: IN A +E(0)DC (
Table 1. QRadar field names and highlighted values in the event payload
QRadar field name Highlighted values in the event payload
Event ID IN A
Source IP
Destination IP
Source Port 35705
Device Time Sep 28 14:19:30 (extracted from date and time fields)