Cisco Umbrella DNS
Cisco Umbrella DNS query log (S3 export + REST API activity).
Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | 시각 | e.g. 2026-04-12 23:39:45 |
| type | String | 유형 | e.g. dns |
| domain | Domain | 도메인 | e.g. www.google.com |
| action | String | 대응 | e.g. PERMIT, BLOCK, PROXY |
| query_type | String | 쿼리유형 | e.g. 1 (A), 28 (AAAA), 64 (Other) |
| response_code | String | 응답코드 | e.g. NOERROR, NXDOMAIN |
| external_ip | IP address | 외부IP | e.g. 198.51.100.1 |
| internal_ip | IP address | 내부IP | e.g. 198.51.100.1 |
| identity | String | 신원 | e.g. Office_Network |
| identity_type | String | 신원유형 | e.g. Networks |
| identities | String | 신원목록 | e.g. Office_Network |
| identity_types | String | 신원유형목록 | e.g. Networks |
| categories | String | 분류 | e.g. Search Engines,Application,Search Engines and Portals |
| blocked_categories | String | 차단분류 | e.g. Malware |
| rule_id | String | 룰ID | e.g. 12345 |
| destination_countries | String | 목적지국가 | e.g. US |
| org_id | String | 조직ID | e.g. 1234567 |
| app | String | 애플리케이션 | e.g. 1Password |
| threats | String | 위협 | e.g. Malware |