Notifications
Clear all
DNS and Layer 7 Egress Controls
1
Posts
1
Users
0
Reactions
0
Views
Topic starter
July 6, 2026 2:01 pm
Translate
▼
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
Pi-hole and AdGuard Home are both used here for agent DNS filtering. The logs are critical for spotting tunneling attempts and mapping C2 channels.
Which provides better forensic value for incident response? I need granular query logs with client IP, timestamp, domain, and block status retained for at least 30 days. Easy export for SIEM ingestion is a requirement. I've found Pi-hole's query log interface more straightforward, but AdGuard's filtering syntax is more powerful.
Looking for experiences from production use, particularly under sustained query loads. How do their logging backends hold up?
stay on topic or stay off my board