On Thu, Mar 08, 2018 at 09:28:41PM -0800, John Pearson wrote:
> On Thu, Mar 8, 2018 at 12:09 PM, Geert Stappers wrote:
> > On Thu, Mar 08, 2018 at 11:03:53AM -0800, John Pearson wrote:
> > > ... I meant that in this case collector.githubapp.com &
> > > api.github.com are also domains that I
Yeah all the requests came from the browser. I can't immediately think of
how parse out an implicit request versus the page itself querying more
domains.
On Thu, Mar 8, 2018 at 12:09 PM, Geert Stappers
wrote:
> On Thu, Mar 08, 2018 at 11:03:53AM -0800, John Pearson wrote:
On Thu, Mar 08, 2018 at 11:03:53AM -0800, John Pearson wrote:
> On Thu, Mar 8, 2018 at 12:55 AM, Geert Stappers wrote:
> > On Wed, Mar 07, 2018 at 06:09:21PM -0800, John Pearson wrote:
> > >
> > > What I'm trying to do: grep log files for domains intentionally asked
> > > for.
> >
> > Mar 7
Thanks Geert. I meant that in this case collector.githubapp.com &
api.github.com are also domains that I didn't directly request. They were
requested by the page when I went to github.com if that makes sense.
On Thu, Mar 8, 2018 at 12:55 AM, Geert Stappers
wrote:
> On Wed,
On Wed, Mar 07, 2018 at 06:09:21PM -0800, John Pearson wrote:
>
> What I'm trying to do: grep log files for domains intentionally asked for.
Mar 7 18:06:04 dnsmasq[29158]: query[A] github.com from 10.1.0.163
Mar 7 18:06:04 dnsmasq[29158]: query[A] github.com from 127.0.0.1
Mar 7 18:06:07
A shot in the dark:
Is there anyway to differentiate or only log domains that are directly
queried? Example:
when I go to github.com from the browser, this is the dnsmasq log file:
Mar 7 18:06:04 dnsmasq[29158]: query[A] github.com from 10.1.0.163
Mar 7 18:06:04 dnsmasq[29158]: forwarded