Request the output result send to SIEM

[jjjan]

add output of sinkholed and malicious domain detection to SIEM such as splunk.

[dpicollege]

good request we need the data send to SIEM in real time with this standard. for example time,src ip, src port,dst ip,dst port, request domain, if malicious domain detect(write it here), ref(which service detect that for example google dns, if blocked(by user intent), and etc that's you think useful. thanks