[jira] [Commented] (NIFI-1965) Create a QueryDNS processor

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/NIFI-1965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15315888#comment-15315888
 ] 

ASF GitHub Bot commented on NIFI-1965:
--------------------------------------

GitHub user trixpan opened a pull request:

    https://github.com/apache/nifi/pull/496

    NIFI-1965 - Implement QueryDNS Processor

    * Implement QueryDNS processor 
    * Create AbstractEnrichProcessor
    * Rename nifi-geo-bundle to nifi-enrich-bundle
    
    QueryDNS processor is a powerful DNS enrichment processor that should 
enable NiFi pipelines to enrich flowfiles using DNS based APIs such as:
    
    DNSBLs (e.g. RBLs, RHSBLs, Senderbase, etc) 
    [Team Cymru - Malware Hash Registry](http://www.team-cymru.org/MHR.html)
    [Shadowserver Foundation ASN 
lookup](https://www.shadowserver.org/wiki/pmwiki.php/Services/IP-BGP)
    
    The Processor is also able to perform simple DNS lookups (although 
unarguably overspec'ed for the task).

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/trixpan/nifi NIFI-1965

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/496.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #496
    
----
commit c23b1d27a448637f242bbdba30a090fb7b3285da
Author: Andre F de Miranda <trix...@users.noreply.github.com>
Date:   2016-06-04T00:40:56Z

    NIFI-1965 - Rename nifi-geo-bundle to nifi-enrich-bundle

commit 55aa9079d7984f1bc3b62a2fd4e6a9fd53e7a48a
Author: Andre F de Miranda <trix...@users.noreply.github.com>
Date:   2016-06-04T15:41:16Z

    NIFI-1965 - Implement QueryDNS processor

----


> Create a QueryDNS processor
> ---------------------------
>
>                 Key: NIFI-1965
>                 URL: https://issues.apache.org/jira/browse/NIFI-1965
>             Project: Apache NiFi
>          Issue Type: Bug
>            Reporter: Andre
>
> As part of a data pipeline security teams frequently must enrich data using 
> DNS enabled APIs such as:
> ShadowServer BGP and ASN lookup via DNS
> https://www.shadowserver.org/wiki/pmwiki.php/Services/IP-BGP#toc7 
> Team Cymru Malware Hash Registry
> http://www.team-cymru.org/MHR.html
> Spamhaus (SBL, XBL, etc)
> and others
> QueryDNS will use an expression language enabled property to run a query 
> against DNS and add the raw result to an attribute (for later processing if 
> necessary). 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)