pihole 5.2 support

• added support for more (less frequent) query types
• cname inspection
• fix for #35

please reimport the ndjson dashboard and apply the updated version of 20-dns-syslog.conf

fix for #19

fix for #19

this is an intermediate release as the grok logic needs some further tweaking ...

this release fixes some major issues I've discovered which lead to incorrect mapping of log lines with tags:

• request and query type
• response domain to ip
• cached domain to ip

this could lead to tagging of logs which are actually "cached domain to ip" to be categorized as "response domain to ip". From this update on you should see A LOT more cached entries than ever before.

the dashboard also needed some fixing as the request count in some visualizations where not counted correctly.

note: the file ndjson/v7.x vis and dash/elk-hole - vis_and_dash.ndjson should be imported (select overwrite) into kibanas saved objects and will include both the updated visualizations and the dashboard.

for this patch to work you only need to replace the following files:

20-dns-syslog.conf
import into kibanas saved objects: elk-hole - vis_and_dash.ndjson

fixed incorrect tagging

this is an intermediate release as the grok logic needs some further tweaking ...

this release fixes some major issues I've discovered which lead to incorrect mapping of log lines with tags:

• request and query type
• response domain to ip
• cached domain to ip

this could lead to tagging of logs which are actually "cached domain to ip" to be categorized as "response domain to ip". From this update on you should see A LOT more cached entries than ever before.

the dashboard also needed some fixing as the request count in some visualizations where not counted correctly.

note: the file ndjson/v7.x vis and dash/elk-hole - vis_and_dash.ndjson should be imported (select overwrite) into kibanas saved objects and will include both the updated visualizations and the dashboard.

for this patch to work you only need to replace the following files:

20-dns-syslog.conf
import into kibanas saved objects: elk-hole - vis_and_dash.ndjson

merging pull/15 to master

merging #15 to master

ELK7.x support & visualization changes under the hood

• replaced "<field.keyword>" to "f.ield" in v7.x (this is only until I figure out what is 'wrong' with the index template)
• the old files are still available, selectable via the suitable folder named according to the version
  elk-hole.zip

v0.2

various dashboard fixes
elk-hole.zip

v0.1.11

elk-hole.zip

v0.1.1

Update 20-dns-syslog.conf

initial

elk-hole.zip

initial release