diff --git a/logstash/patterns/dns~HEAD b/logstash/patterns/dns~HEAD
new file mode 100644
index 0000000000000000000000000000000000000000..4542562f9bd5c26f77897e6d1b4459081ad9bc21
--- /dev/null
+++ b/logstash/patterns/dns~HEAD
@@ -0,0 +1,5 @@
+HOSTNAMEPTR \b(?:[\._0-9A-Za-z][0-9A-Za-z-]{0,62})(?:\.(?:[\._0-9A-Za-z][0-9A-Za-z-]{0,62}))*(\.?|\b)
+NODATA NODATA-[[:word:]]+
+SRV _+.+\S
+FQDN \b(?:[\w-][\w-]{0,62})(?:\.(?:[\w-][\w-]{0,62}))*(\.?|\b)
+DNSMASQPREFIX %{SYSLOGTIMESTAMP:date} %{SYSLOGPROG}: %{INT:logrow} %{IP:source_host}\/%{POSINT:source_port}
\ No newline at end of file