Products: Amazon AWS - Route53
| Rule ID | Rule Name |
|---|---|
| LEGACY-S00003 | Base32 in DNS Query |
| LEGACY-S00026 | DNS Lookup of High Entropy Domain |
| LEGACY-S00030 | Domain Resolution in Non-Standard TLD |
| LEGACY-S00027 | Hexadecimal in DNS Query Domain |
| THRESHOLD-S00078 | High Volume of DNS 'Any' Queries |
| LEGACY-S00061 | Possible DNS Data Exfiltration |
| LEGACY-S00008 | Possible Dynamic DNS Domain |
| MATCH-S00595 | Telegram API Access |
| LEGACY-S00109 | Threat Intel - Matched Domain Name |
| LEGACY-S00107 | Threat Intel Match - IP Address |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 5867c69d-aa70-49b3-a9dd-9247c1408074 | AWS Route 53 Logs |