I have downloaded DNS Security check from Marketplace for analysis of DNS logs in ArcSight ESM.
It involves 4 modules of taking details of Non corporate servers in communication and all.
Even after successful installation, the filtered data is not getting properly or nothing find in the result.
Need to know how the top external servers and fast flux servers from the logs get filtered using this DNS Security Check.