Heads up! These docs are for STIX 1.1.1, which is not the latest version (1.2). View the latest!

DNSQueryObjectTypeDNS Query Object Schema

The DNSQueryType is intended to characterize a single DNS query and its components.


Fields

Field Name Type Description
@object_referenceoptional QName

The object_reference field specifies a unique ID reference to an Object defined elsewhere. This construct allows for the re-use of the defined Properties of one Object within another, without the need to embed the full Object in the location from which it is being referenced. Thus, this ID reference is intended to resolve to the Properties of the Object that it points to.

Custom_Properties0..1 CustomPropertiesType

The Custom_Properties construct is optional and enables the specification of a set of custom Object Properties that may not be defined in existing Properties schemas.

@successfuloptional boolean

The successful field specifies whether or not the DNS Query was successful.

Transaction_ID0..1 HexBinaryObjectPropertyType

The Transaction_ID field specifies the Transaction ID value of the DNS query message header.

Question0..1 DNSQuestionType

The Question field specifies the DNS question component of the DNS query.

Answer_Resource_Records0..1 DNSResourceRecordsType

The Answers field specifies any Answers resource records that were returned for the DNS query.

Authority_Resource_Records0..1 DNSResourceRecordsType

The Authority_Resource_Records field specifies any Authority resource records that were returned for the DNS query.

Additional_Records0..1 DNSResourceRecordsType

The Authority_Resource_Records field specifies any Additional resource records that were returned for the DNS query.

Date_Ran0..1 DateTimeObjectPropertyType

The Date_Ran field specifies the date and time that the DNS query was run.

Service_Used0..1 StringObjectPropertyType

The Service_Used field specifies the service used to run the DNS Query.