https://github.com/graylog-labs/graylog-plugin-dnsresolver

Message filter plugin to reverse lookup the source field
https://github.com/graylog-labs/graylog-plugin-dnsresolver

dns dns-lookup graylog graylog-plugin message-filter

Last synced: 5 months ago
JSON representation

Message filter plugin to reverse lookup the source field

• Host: GitHub
• URL: https://github.com/graylog-labs/graylog-plugin-dnsresolver
• Owner: graylog-labs
• License: apache-2.0
• Created: 2015-02-12T15:52:49.000Z (over 11 years ago)
• Default Branch: master
• Last Pushed: 2018-01-08T17:35:11.000Z (over 8 years ago)
• Last Synced: 2023-04-10T13:06:42.156Z (about 3 years ago)
• Topics: dns, dns-lookup, graylog, graylog-plugin, message-filter
• Language: Java
• Homepage:
• Size: 42 KB
• Stars: 9
• Watchers: 16
• Forks: 6
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
DNS Resolver Plugin for Graylog

===============================

[![Build Status](https://travis-ci.org/graylog-labs/graylog-plugin-dnsresolver.svg)](https://travis-ci.org/graylog-labs/graylog-plugin-dnsresolver)

This message filter plugin can be used to do DNS lookups for the `source` field in Graylog messages.

**Required Graylog version:** 2.4.0 and later

Please use version 1.1.2 of this plugin if you are still running Graylog 1.x

## Installation

[Download the plugin](https://github.com/graylog-labs/graylog-plugin-dnsresolver/releases)

and place the `.jar` file in your Graylog plugin directory. The plugin directory

is the `plugins/` folder relative from your `graylog-server` directory by default

and can be configured in your `graylog.conf` file.

Restart `graylog-server` and you are done.

## Configuration

The following configuration options can be added to the Graylog configuration file.

* `dns_resolver_enabled` -- Set to `true` if the message filter should be run. (default `false`)

* `dns_resolver_run_before_extractors` -- Set to `true` if the DNS lookup should be done before running extractors. (default `true`)

* `dns_resolver_timeout` -- The timeout for the DNS lookup. (default `2s`)

## Build

This project is using Maven and requires Java 8 or higher.

You can build a plugin (JAR) with `mvn package`.

DEB and RPM packages can be build with `mvn jdeb:jdeb` and `mvn rpm:rpm` respectively.

## Plugin Release

We are using the maven release plugin:

```

$ mvn release:prepare

[...]

$ mvn release:perform

```

This sets the version numbers, creates a tag and pushes to GitHub. TravisCI will build the release artifacts and upload to GitHub automatically.