DNS Answer

dns_answer

The DNS Answer object represents a specific response provided by the Domain Name System (DNS) when querying for information about a domain or performing a DNS operation. It encapsulates the relevant details and data returned by the DNS server in response to a query.

Attributes

| Caption | Name | Type | Is Array | Default | Description |
|---|---|---|---|---|---|
| Resource Record Class | class | String | | | The class of DNS data contained in this resource record. See RFC1035. For example: IN. |
| DNS Header Flags | flag_ids | Integer | Yes | | The list of DNS answer header flag IDs. Values: 0 = Unknown; 1 = Authoritative Answer; 2 = Truncated Response; 3 = Recursion Desired; 4 = Recursion Available; 5 = Authentic Data; 6 = Checking Disabled; 99 = Other. |
| DNS Header Flags | flags | String | Yes | | The list of DNS answer header flags. |
| Packet UID | packet_uid | Integer | | | The DNS packet identifier assigned by the program that generated the query. The identifier is copied to the response. |
| Raw Data | raw_data | JSON | | | The event data as received from the event source. |
| DNS RData | rdata | String | | | The data describing the DNS resource. The meaning of this data depends on the type and class of the resource record. |
| Record ID | record_id | String | | | Unique identifier for the object |
| TTL | ttl | Integer | | | The time interval that the resource record may be cached. Zero value means that the resource record can only be used for the transaction in progress, and should not be cached. |
| Resource Record Type | type | String | | | The type of data contained in this resource record. See RFC1035. For example: CNAME. |
| Unmapped Data | unmapped | Unmapped | Yes | | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
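
The following is an added example, not code from the schema project: a normalizer that turns one answer record plus the raw 16-bit DNS header flags word into a dns_answer object using the flag_ids enum above. The function names, the header bit masks (taken from RFC 1035 and RFC 4035, not from this page), the mapping of the reserved Z bit to 99, and the use of the enum captions as the flags strings are assumptions.

```python
# flag_ids enum exactly as listed in the attribute table on this page.
FLAG_CAPTIONS = {
    0: "Unknown", 1: "Authoritative Answer", 2: "Truncated Response",
    3: "Recursion Desired", 4: "Recursion Available",
    5: "Authentic Data", 6: "Checking Disabled", 99: "Other",
}
# Assumption (not on this page): bit masks of the 16-bit DNS header flags
# word, per RFC 1035 section 4.1.1 (AA, TC, RD, RA) and RFC 4035 (AD, CD).
HEADER_BITS = [(0x0400, 1), (0x0200, 2), (0x0100, 3),
               (0x0080, 4), (0x0020, 5), (0x0010, 6)]
RESERVED_Z = 0x0040  # assumption: a set reserved bit is reported as 99 (Other)
REQUIRED = ("rdata", "record_id")  # "requirement": "required" in the JSON


def flag_ids_from_header(flags_word):
    """Translate the raw header flags word into the flag_ids array."""
    if not 0 <= flags_word <= 0xFFFF:
        raise ValueError("DNS header flags are a 16-bit value")
    ids = [fid for mask, fid in HEADER_BITS if flags_word & mask]
    if flags_word & RESERVED_Z:
        ids.append(99)
    return ids


def build_dns_answer(record, flags_word, packet_uid):
    """Build a dns_answer dict; reject records missing required attributes."""
    missing = [k for k in REQUIRED if not record.get(k)]
    if missing:
        raise ValueError(f"missing required attribute(s): {missing}")
    ids = flag_ids_from_header(flags_word)
    answer = {
        "record_id": record["record_id"],
        "rdata": record["rdata"],
        "flag_ids": ids,
        "flags": [FLAG_CAPTIONS[i] for i in ids],  # sibling of flag_ids
        "packet_uid": packet_uid,
    }
    # Recommended attributes are copied whenever present, so ttl == 0
    # ("do not cache") is preserved instead of being dropped as falsy.
    for key in ("class", "type", "ttl"):
        if key in record:
            answer[key] = record[key]
    return answer


# Constructed sample: header flags 0x8580 = QR + AA + RD + RA.
SAMPLE = build_dns_answer({"record_id": "rec-0001", "rdata": "192.0.2.10",
                           "class": "IN", "type": "A", "ttl": 0},
                          0x8580, 0x1A2B)
```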

Context

DNS Answer

JSON

            
{
  "caption": "DNS Answer",
  "description": "The DNS Answer object represents a specific response provided by the Domain Name System (DNS) when querying for information about a domain or performing a DNS operation. It encapsulates the relevant details and data returned by the DNS server in response to a query.",
  "extends": "_dns",
  "name": "dns_answer",
  "attributes": {
    "class": {
      "description": "The class of DNS data contained in this resource record. See <a target='_blank' href='https://www.rfc-editor.org/rfc/rfc1035.txt'>RFC1035</a>. For example: <code>IN</code>.",
      "requirement": "recommended",
      "caption": "Resource Record Class",
      "type": "string_t"
    },
    "flag_ids": {
      "caption": "DNS Header Flags",
      "description": "The list of DNS answer header flag IDs.",
      "enum": {
        "1": {
          "caption": "Authoritative Answer"
        },
        "2": {
          "caption": "Truncated Response"
        },
        "3": {
          "caption": "Recursion Desired"
        },
        "4": {
          "caption": "Recursion Available"
        },
        "5": {
          "caption": "Authentic Data"
        },
        "6": {
          "caption": "Checking Disabled"
        },
        "0": {
          "caption": "Unknown",
          "description": "The flag is unknown."
        },
        "99": {
          "caption": "Other",
          "description": "The event DNS header flag is not mapped."
        }
      },
      "requirement": "recommended",
      "sibling": "flags",
      "type": "integer_t",
      "is_array": true
    },
    "flags": {
      "caption": "DNS Header Flags",
      "description": "The list of DNS answer header flags.",
      "requirement": "optional",
      "type": "string_t",
      "is_array": true
    },
    "rdata": {
      "requirement": "required",
      "caption": "DNS RData",
      "description": "The data describing the DNS resource. The meaning of this data depends on the type and class of the resource record.",
      "type": "string_t"
    },
    "ttl": {
      "requirement": "recommended",
      "caption": "TTL",
      "description": "The time interval that the resource record may be cached. Zero value means that the resource record can only be used for the transaction in progress, and should not be cached.",
      "type": "integer_t"
    },
    "type": {
      "description": "The type of data contained in this resource record. See <a target='_blank' href='https://www.rfc-editor.org/rfc/rfc1035.txt'>RFC1035</a>. For example: <code>CNAME</code>.",
      "requirement": "recommended",
      "caption": "Resource Record Type",
      "type": "string_t"
    },
    "packet_uid": {
      "description": "The DNS packet identifier assigned by the program that generated the query. The identifier is copied to the response.",
      "requirement": "recommended",
      "caption": "Packet UID",
      "type": "integer_t"
    },
    "raw_data": {
      "group": "context",
      "caption": "Raw Data",
      "description": "The event data as received from the event source.",
      "type": "json_t"
    },
    "record_id": {
      "description": "Unique identifier for the object",
      "group": "primary",
      "requirement": "required",
      "caption": "Record ID",
      "type": "string_t"
    },
    "unmapped": {
      "caption": "Unmapped Data",
      "description": "The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.",
      "type": "unmapped",
      "is_array": true
    }
  }
}