Filter Querylog & Toplist by query response (NXDOMAIN)

Malware generates hostnames based on some obscure algorithm so they can be spotted by an unusual amount of failed queries.

In addition to that, if there are applications on the network with repeated fails you might wanna dig into this configuration error and maybe replace outdated things.

Perhaps I am missing something, but this feature request makes little sense. "... maybe replace outdated things..."?

What is the underlying problem, and specifically what changes do you request to the Pi-hole software to address this problem?

Examples would be very helpful.

To address just the title of your feature request (Filter Querylog & Toplist by query response (NXDOMAIN)), you can already do this with the filtering tools provided in the query log. You can filter by client, request type, status, reply, etc.

Unfiltered

Filtered for NXDOMAIN reply

1 Like