Firewall DNS Operation Question
We have noticed in our SIEM that we are receiving an insane amount of DNS logs from our Fortigates for some specific domains.
I know that these are some default domains in the firewall - I believe that they may be defaulted as SSL decryption ignore. (but not 100% positive)
My real question is how to have the Fortigates stop sending SIEM millions of these events every day and why are these domains specifically doing it? Is something misconfigured??