VitalQIP¶
About¶
Nokia VitalQIP is a DDI solution (domain name system (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management (IPAM)).
Product Details¶
Vendor URL: VitalQIP
Product Type: IP Address Management
Product Tier: Tier II
Integration Method: Syslog
Integration URL: VitalQIP
Parser Details¶
Log Format: Syslog
Expected Normalization Rate: near 100%
Data Label: VITALQIP
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| VITALQIP | metadata.product_name |
| NETWORK_DNS | metadata.event_type |
| DNS | network.application_protocol |
| client_ip_address | principal.ip |
| client_port | principal.port |
| questions_name | network.dns.questions.name |
| questions_type | network.dns.questions.type |
| questions_class | network.dns.questions.class |
| answers_ip | network.dns.answers.name |
Product Event Types¶
| Event | UDM Event Classification |
|---|---|
| all events | NETWORK_DNS |
Log Sample¶
05-Mar-2022 18:44:32.924 client 10.1.1.1#23254 (hostname.domain.com): query: hostname.domain.com IN AAAA + (10.2.5.5)
Sample Parsing¶
metadata.event_type: NETWORK_DNS
metadata.product_name: "VITALQIP"
principal.ip: "10.1.1.1"
principal.port: 23254
network.application_protocol: DNS
network.dns.questions.name: "hostname.domain.com"
network.dns.questions.type: 28
network.dns.questions.class: 1
network.dns.answers.name: "10.2.5.5"
Parser Alerting¶
This product currently does not have any Parser-based Alerting