Enhance the Generic Hostname Resolution Service Collector as follows:

1) Use the DNS Java jar file to resolve IP addresses to hostnames and vice versa.
2) Use the file lock concept for the temporary files which are in the ESEC_HOME/collector_common directory, before reading and processing the data in those files.

Comments

  • We are accepting this idea into our backlog. When it is planned for development, the status of the idea will be changed to "Planned".

  • Additional requirements from Bug 830297 - provide a DNS resolution service that scales
    - Nowadays it's especially the internet-facing event sources like firewalls and proxies that provide important data for analyzing APT-related incidents using threat intelligence. Customers must be able to determine the internal hosts involved in such communications from collected IP addresses.
    - Cached values must be expired after their TTL.
    - Updates to internal DNS zones (think enterprise DHCP) should be reflected in Sentinel's host name resolution service in real time.