mazyaar / DNS_Incident_Response

DNS Incident Response

Home Page: https://cyberred.org


DNS_Incident_Response

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources. Most network software, including malware, relies on it to resolve domains to IP addresses before it can establish connections over protocols such as HTTP(S), SMTP, and many others. This means that DNS logging will contain a more complete record, not limited to HTTP(S) traffic, of the domains accessed by endpoints in the environment, making it a valuable log source for defenders.
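The following is an added example, not code from this repository: it compares resolver query logs with web proxy logs and reports, per client, the domains that appear only in DNS. The log lines are constructed; the DNS lines follow the BIND query-log style, and the proxy format and all function names are assumptions made for the illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample data (not from the original page). DNS lines follow the
# BIND query-log style; the proxy format is a simplified, hypothetical one:
# "<time> <client-ip> <method> <url or host:port>".
DNS_LOG = """\
12-Mar-2024 09:14:02.101 client @0x7f1 10.0.0.5#51514 (www.example.com): query: www.example.com IN A +E(0)K (10.0.0.1)
12-Mar-2024 09:14:07.330 client @0x7f2 10.0.0.5#40211 (mail.example.net): query: mail.example.net IN MX +E(0)K (10.0.0.1)
12-Mar-2024 09:15:41.872 client @0x7f3 10.0.0.9#55002 (updates.example.org): query: updates.example.org IN A +E(0)K (10.0.0.1)
12-Mar-2024 09:16:10.004 client @0x7f4 10.0.0.9#38110 (Host.Example.Test): query: Host.Example.Test IN TXT +E(0)K (10.0.0.1)
"""
PROXY_LOG = """\
2024-03-12T09:14:03Z 10.0.0.5 GET http://www.example.com/index.html
2024-03-12T09:15:42Z 10.0.0.9 CONNECT updates.example.org:443
"""
DNS_RE = re.compile(
    r"client (?:@\S+ )?(?P<ip>[\d.]+)#\d+ .*?query: (?P<name>\S+) IN (?P<type>\S+)")

def norm(name):
    """DNS names are case-insensitive; drop the root dot and lowercase."""
    return name.rstrip(".").lower()

def parse_dns(text):
    """Map client IP -> set of (qname, qtype); non-query lines are skipped."""
    seen = {}
    for line in text.splitlines():
        m = DNS_RE.search(line)
        if m:
            seen.setdefault(m["ip"], set()).add((norm(m["name"]), m["type"]))
    return seen

def parse_proxy(text):
    """Map client IP -> set of hostnames requested through the proxy."""
    seen = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _, ip, method, target = parts
        host = (target.rsplit(":", 1)[0] if method == "CONNECT"
                else urlsplit(target).hostname or "")
        if host:
            seen.setdefault(ip, set()).add(norm(host))
    return seen

def dns_only(dns_text, proxy_text):
    """Per client, the (qname, qtype) pairs resolved but never seen at the proxy."""
    dns, proxy = parse_dns(dns_text), parse_proxy(proxy_text)
    gaps = {ip: sorted(q for q in qs if q[0] not in proxy.get(ip, set()))
            for ip, qs in dns.items()}
    return {ip: g for ip, g in gaps.items() if g}
```

Calling `dns_only(DNS_LOG, PROXY_LOG)` on the sample data leaves the MX and TXT lookups, which never produced a proxy entry.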