Transforms.conf > pihole_default
Closed this issue · 4 comments
Transforms.conf > pihole_default does not match query or response syntax in pihole 5.1.2.
could be updated to "dnsmasq[[^\]]*]:\s"
Nov 27 15:41:13 dnsmasq[16616]: query[AAAA] apps.splunk.com from 10.1.10.100
Nov 27 16:08:22 dnsmasq[16616]: reply api-global.us-east-1.origin.prodaa.netflix.com is 52.44.232.159
can confirm that changing the props.conf with your fix worked for basic searching.
Testing Data Model Acceleration tonight.
[Edit] - src_ip and src_port does not extract correctly - opened separate issue; see link below
Pasting same comment for each related issue:
Please check if log-queries=extra
in /etc/dnsmasq.d/01-pihole.conf. If not, this could be the root cause of the issue. Anytime Pi-hole updates, it overwrites this file with updates. So if you have set this setting in the past, it would be erased during an update.
To fix, add log-queries=extra
in /etc/dnsmasq.d/01-pihole.conf or follow the instructions at the top of the file and create a new file in the same directory with this change. Note: creating your own file to override this setting may cause issues during an update. removing the file and then re-adding it after the update will fix the issue.
Make sure to run pihole restardns
after updating settings so the changes take affect.
Great catch! that was the issue 100%