I wanted to start working on something to get aquainted with the bro programming. I figured DNS might be a good start. It seems to be the way I learn the best and I learned python this way. My goals are maybe create something simple that displays a notice for a particular query type, PTR, NS, MX etc.
Where is there a good example of how I go about this? Inside of policy/protocols/dns ?
Once I create this I can call it from local.bro correct?