Dear All,
I'm trying to retrieve and parse windows dns log, the sample looks like this:
1/23/2020 11:59:42 PM 0B50 PACKET 000001F5A879FCD0 UDP Snd 10.231.150.89 b40e R Q [8081 DR NOERROR] A (3)www(15)msftconnecttest(3)com(0)
After installed plunk Add-on for Microsoft Windows DNS , it can automatically extract filed query = (3)www(15)msftconnecttest(3)com(0). But the query name looks very strange, the real name should be www.msftconnecttest.com .
So my question is , how to parse or transform the query name into correct format. maybe need to write some regular expression
or something, but i'm not good at it.
... View more