So we have a bunch of GTM (or BIGIP-DNS) log data in Splunk and most don't know what the heck all of these different fields mean.
- Host (GMT):
I suppose I will take a crack at it and see if I can find explanations of each field.
QID (query ID)
You can trace a query and response based on the QID#