Skip to content

TehMuffinMoo/qsaf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

183 Commits
.github
.github
 
 
Docker
Docker
 
 
docs
docs
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
RELEASE.md
RELEASE.md
 
 
config.ini
config.ini
 
 

Repository files navigation



Query Store & Forward (QSAF)

A Docker Container used to Store & Forward DNS Queries.

OverviewDocumentationFeature RequestsLicense

Overview

QSAF was designed to provide a means of passive DNS log collection for the purpose of an Infoblox Security Assessment.

You can collect DNS Syslog data in various formats, which can then be replayed as DNS queries in real time or stored for replaying at a later time.

Collected data will retain the original Source IP during replayed queries when sending them to the Infoblox Threat Defense Cloud Resolvers.

Check out the Documentation site for Installation & Usage information.

Docker Compose Example

version: '3'

services:
  qsaf:
    image: ghcr.io/tehmuffinmoo/qsaf:latest
    ports:
      - 514:514/udp
    environment:
      HWID: RANDOM
      LOGLEVEL: INFO
    restart: always
    volumes:
      - ./config.ini:/home/qsaf/config.ini
      - ./logs:/var/log/syslog-ng

Feature Requests

  • If the feature you are looking for is not yet built into the QSAF Container, you can raise a feature request via Github Issues.

License

MIT

Mat Cox

About

Query Store & Forward

qsaf.readthedocs.io

Topics

infoblox threat-defense b1td infoblox-security-assessment infoblox-threat-defense

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 8

Release v0.11 Latest
Jan 14, 2025
+ 7 releases

Packages

 
 
 

Languages