[Samba] DNS logging for TLD queries?


    Is it possible to filter DNS queries for specific TLD's using the internal logging system? My IPS/IDS alerts me when a suspicious TLD is being queried. However I'm only able to see the DC as the source.  Thanks.

Ubuntu 14.04 Samba 4.7.3.


