You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/dns-normalization-schema.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -226,7 +226,7 @@ The fields listed in this section are specific to DNS events, although many are
226
226
|**DnsFlagsCheckingDisabled**| Optional | Boolean | The DNS `CD` flag, which is related to DNSSEC, indicates in a query that non-verified data is acceptable to the system sending the query. see [RFC 3655 Section 6.1](https://tools.ietf.org/html/rfc3655#section-6.1) for more information. |
227
227
|**DnsFlagsRecursionAvailable**| Optional | Boolean | The DNS `RA` flag indicates in a response that that server supports recursive queries. |
228
228
|**DnsFlagsRecursionDesired**| Optional | Boolean | The DNS `RD` flag indicates in a request that that client would like the server to use recursive queries. |
229
-
|**DnsFlagsTruncates**| Optional | Boolean | The DNS `TC` flag indicates that a response was truncates as it exceeded the maximum response size. |
229
+
|**DnsFlagsTruncated**| Optional | Boolean | The DNS `TC` flag indicates that a response was truncated as it exceeded the maximum response size. |
230
230
|**DnsFlagsZ**| Optional | Boolean | The DNS `Z` flag is a deprecated DNS flag, which might be reported by older DNS systems. |
231
231
|<aname="dnssessionid"></a>**DnsSessionId**| Optional | string | The DNS session identifier as reported by the reporting device. Note that this value is different from [TransactionIdHex](#transactionidhex), the DNS query unique ID as assigned by the DNS client.<br><br>Example: `EB4BFA28-2EAD-4EF7-BC8A-51DF4FDF5B55`|
232
232
|**SessionId**| Alias | String | Alias to [DnsSessionId](#dnssessionid)|
@@ -250,7 +250,7 @@ The following fields are aliases that are maintained for backwards compatibility
250
250
251
251
The changes in version 0.1.2 of the schema are:
252
252
- Added the field `EventSchema`.
253
-
- Added dedicated flag field which augments the combined **[Flags](#flags)** field: `DnsFlagsAuthoritative`, `DnsFlagsCheckingDisabled`, `DnsFlagsRecursionAvailable`, `DnsFlagsRecursionDesired`, `DnsFlagsTruncates`, and `DnsFlagsZ`.
253
+
- Added dedicated flag field which augments the combined **[Flags](#flags)** field: `DnsFlagsAuthoritative`, `DnsFlagsCheckingDisabled`, `DnsFlagsRecursionAvailable`, `DnsFlagsRecursionDesired`, `DnsFlagsTruncated`, and `DnsFlagsZ`.
254
254
255
255
The changes in version 0.1.3 of the schema are:
256
256
- The schema now explicitly documents `Src*`, `Dst*`, `Process*` and `User*` fields.
0 commit comments