Connect this data source on your own, using the Hunters platform.
Overview
Table name: route53_resolver_query_logs
AWS Route 53 is a scalable and highly available domain name system (DNS) web service provided by Amazon Web Services (AWS). It offers domain registration, DNS routing, and health checking of resources within your infrastructure. Route 53 effectively translates domain names into IP addresses, allowing users to access websites and services hosted on AWS or other external platforms.
Send data to Hunters
To connect AWS Route 53 logs:
1. Follow this guide to export the logs into an AWS S3 bucket.
2. Once the export is complete and the logs are being collected in S3, follow the steps in this section.
Expected format
The events are expected in NDJSON format: one JSON object per line.
{"version": "1.100000", "account_id": "123456789", "region": "us-west-2", "vpc_id": "vpc-123456abcdef", "query_timestamp": "2022-11-25T04:57:32Z", "query_name": "google.com.", "query_type": "A", "query_class": "IN", "rcode": "NOERROR", "answers": [{"Rdata": "google.com.", "Type": "CNAME", "Class": "IN"}, {"Rdata": "8.8.8.8", "Type": "A", "Class": "IN"}], "srcaddr": "10.1.2.3", "srcport": "12345", "transport": "UDP", "srcids": {"instance": "i-abcdef1234567"}}
{"version": "1.100000", "account_id": "123456789", "region": "us-west-2", "vpc_id": "vpc-123456abcdee", "query_timestamp": "2022-11-25T05:57:32Z", "query_name": "google.ru.", "query_type": "A", "query_class": "IN", "rcode": "NOERROR", "answers": [{"Rdata": "google.ru.", "Type": "CNAME", "Class": "IN"}, {"Rdata": "8.8.8.8", "Type": "A", "Class": "IN"}], "srcaddr": "10.1.2.5", "srcport": "12335", "transport": "UDP", "srcids": {"instance": "i-abcdef1234577"}}
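A pre-ingestion check for the expected format, as an added example that is not Hunters or AWS code: it confirms each exported line is a standalone JSON object and reports lines that would not parse, such as Python-style dict output with single quotes. The function name `validate_ndjson` and the choice of mandatory fields are assumptions of this example, taken from the sample events on this page.

```python
import ipaddress
import json
from datetime import datetime

# Fields checked here are taken from the sample events on this page; treating
# them as mandatory is an assumption of this example, not a Hunters requirement.
REQUIRED = ("account_id", "region", "vpc_id", "query_timestamp", "query_name",
            "query_type", "rcode", "srcaddr")


def validate_ndjson(text):
    """Return (events, errors): parsed events and (line_no, reason) tuples."""
    events, errors = [], []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # blank lines carry no event
        try:
            event = json.loads(line)
        except json.JSONDecodeError as exc:
            # Typical cause: Python-repr output that uses single quotes
            errors.append((line_no, f"not valid JSON: {exc.msg}"))
            continue
        if not isinstance(event, dict):
            errors.append((line_no, "top-level value is not an object"))
            continue
        missing = [f for f in REQUIRED if f not in event]
        if missing:
            errors.append((line_no, "missing fields: " + ", ".join(missing)))
            continue
        try:
            datetime.strptime(event["query_timestamp"], "%Y-%m-%dT%H:%M:%SZ")
            ipaddress.ip_address(event["srcaddr"])
        except (TypeError, ValueError) as exc:
            errors.append((line_no, f"bad timestamp or srcaddr: {exc}"))
            continue
        events.append(event)
    return events, errors


# Constructed sample input: one valid event followed by three malformed lines.
SAMPLE = "\n".join([
    '{"account_id": "123456789", "region": "us-west-2", "vpc_id": "vpc-123456abcdef", '
    '"query_timestamp": "2022-11-25T04:57:32Z", "query_name": "google.com.", '
    '"query_type": "A", "rcode": "NOERROR", "srcaddr": "10.1.2.3"}',
    "{'account_id': '123456789', 'query_name': 'google.com.'}",   # single quotes
    '{"account_id": "123456789", "query_name": "google.com."}',   # fields missing
    '{"account_id": "1", "region": "r", "vpc_id": "v", "query_timestamp": "25/11/2022", '
    '"query_name": "a.", "query_type": "A", "rcode": "NOERROR", "srcaddr": "10.1.2.3"}',
])
```

Calling `validate_ndjson(SAMPLE)` returns the one valid event plus an error entry for each of lines 2 to 4.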