EVE DNS v2 logging does not support request filtering.
The v2 implementation of EVE DNS supports filtering the response types with the answer-types parameter, however there is no equivalent to filter requests from being logged. This is a regression from the v1 logging which supported request filtering.
- Status changed from Assigned to Rejected
Rejecting. I was wrong, I think due to dated documentation. Filtering does work as expected, and aligns with the last documentation updates to the EVE/DNS section.
This suricata-verify test confirms it works as expected: