My DNS trace contains more than 1 'Answer RRs'. How do I extract 'Name' (dns.resp.name) and 'Addr' (dns.resp.addr) field from each response & print it in same line as requested domain name. I tried using -Tfields -e "dns.resp.name" -e "dns.resp.addr" but I don't get any response at all. asked 15 Jan '15, 08:20 Vijay Gharge |
One Answer:
Hello, I found issue. It is due to older version I could not print those fields. Thanks to Kali live linux CDs I found newer version ! After processing data using -T & -e options, I got request / response data on separate lines and then just wrote following bash script to map request & response on the same line.
answered 08 Mar '15, 09:22 Vijay Gharge edited 08 Mar '15, 09:24 |