Since days we have the following entries in the Advanced Thread Protection
We want to find out which host in our network is communicating to IP 18.104.22.168 over a Unix/Linux shell with
tcpdump -nei any port 53 dst 22.214.171.124 -n -s0 -w /var/sec/chroot-httpd/var/webadmin/tcpdump.pcap
Is this a way? Are there any other ways?