Vendor: F5

Product: BIG-IP DNS

Rules	Models	MITRE TTPs	Event Types	Parsers
4	0	2	2	2

Use-Case	Event Types/Parsers	MITRE TTP	Content
Malware	dns-query ↳ syslog-f5-dns-query ↳ syslog-f5-dns-query-1 dns-response ↳ syslog-f5-dns-response ↳ s-f5-dns-response ↳ syslog-f5-dns-query-1	T1071.004 - Application Layer Protocol: DNS T1568.002 - Dynamic Resolution: Domain Generation Algorithms	4 Rules

ATT&CK Matrix for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
									Application Layer Protocol: DNS Dynamic Resolution Dynamic Resolution: Domain Generation Algorithms Application Layer Protocol