Zeek dns.log Sample for SANS JSON and jq Handout

dns.log

{"ts":1602265824.123071,"uid":"CHFRflzsgM15k9et4","id.orig_h":"192.168.75.169","id.orig_p":58506,"id.resp_h":"192.168.75.1","id.resp_p":53,"proto":"udp","trans_id":50763,"rtt":0.022633075714111329,"query":"www.sansgear.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":true,"RA":true,"Z":0,"answers":["vhost1.identityvector.com","70.32.97.206"],"TTLs":[3600.0,3600.0],"rejected":false}