[Bro] Is DNS Query equal to HTTP Host?

Shaleta Bennett shaleta.bennett at gmail.com
Thu Feb 13 08:21:24 PST 2014

Hi can anyone help me figure out if the dns query is the same as the http

I've tried doing the following but did not get any output.

if(c$dns$query == c$http$host)

    #send notice to notice.log
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140213/ac71345e/attachment.html 

More information about the Bro mailing list