diff --git a/src/fieldset.c b/src/fieldset.c
index 1b9ec10c6..c2852bbda 100644
--- a/src/fieldset.c
+++ b/src/fieldset.c
@@ -306,7 +306,20 @@ char *fs_get_string_by_index(fieldset_t *fs, int index)
 return (char *)fs->fields[index].value.ptr;
 }
-int fds_get_index_by_name(fielddefset_t *fds, char *name)
+fieldset_t *fs_get_fieldset_by_index(fieldset_t *fs, int index) {
+ return (fieldset_t *)fs->fields[index].value.ptr;
+}
+
+int fs_get_index_by_name(fieldset_t *fs, const char *name) {
+ for (int i = 0; i < fs->len; i++) {
+ if (!strcmp(fs->fields[i].name, name)) {
+ return i;
+ }
+ }
+ return -1;
+}
+
+int fds_get_index_by_name(fielddefset_t *fds, const char *name)
 {
 for (int i = 0; i < fds->len; i++) {
 if (!strcmp(fds->fielddefs[i].name, name)) {
diff --git a/src/fieldset.h b/src/fieldset.h
index b23b5394d..070a30df2 100644
--- a/src/fieldset.h
+++ b/src/fieldset.h
@@ -91,7 +91,11 @@ fieldset_t *fs_new_repeated_fieldset();
 char *fs_get_string_by_index(fieldset_t *fs, int index);
-int fds_get_index_by_name(fielddefset_t *fds, char *name);
+int fds_get_index_by_name(fielddefset_t *fds, const char *name);
+
+int fs_get_index_by_name(fieldset_t *fs, const char *name);
+
+fieldset_t *fs_get_fieldset_by_index(fieldset_t *fs, int index);
 void gen_fielddef_set(fielddefset_t *fds, fielddef_t fs[], int len);
diff --git a/src/probe_modules/module_dns.c b/src/probe_modules/module_dns.c
index e13e6f59f..7663f5722 100644
--- a/src/probe_modules/module_dns.c
+++ b/src/probe_modules/module_dns.c
@@ -81,7 +81,9 @@ typedef uint8_t bool;
 probe_module_t module_dns;
 static int num_ports;
-char default_domain[16];
+const char *default_domain = "loadbalancer-portal-public-01.horizon.netscout-dev.com";
+const char *default_ip = "52.37.99.50";
+
 const uint16_t default_qtype = DNS_QTYPE_A;
 static char **dns_packets;
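Review bot: In src/fieldset.c, `fs_get_index_by_name` passes `fs->fields[i].name` straight to `strcmp`, yet this same commit replaces a call that added a fieldset with a NULL name (`fs_add_fieldset(list, NULL, afs)`), so NULL-named fields can exist and would be dereferenced on any set that still contains one. Guarding the comparison, `if (fs->fields[i].name && !strcmp(fs->fields[i].name, name))`, keeps the lookup safe on such sets. `fs_get_fieldset_by_index` likewise casts `value.ptr` to `fieldset_t *` without checking that `index` lies within `fs->len` or that the field actually holds a fieldset; because the new caller walks structures built from network responses, a range and type check (or at minimum a comment stating the precondition) is worth adding. The new prototypes in src/fieldset.h would also benefit from a one-line comment saying that -1 means "not found".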
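Review bot: In the @@ -81 hunk of src/probe_modules/module_dns.c, `default_domain` and `default_ip` are declared `const char *`, which makes the text const but leaves both pointers writable, externally visible globals; `static const char *const default_ip = "52.37.99.50";` would pin the value, and the same applies to `default_domain` if no other file references it (not visible here). The context of the @@ -604 hunk still assigns `domains[i] = (char *)default_domain;`, which now casts away const on a string literal, so any later write through `domains[i]` would be undefined behaviour. The two constants are also coupled, since the response check added at the end of this commit only holds if `default_ip` is the address `default_domain` resolves to; a comment saying so, or taking both from the probe arguments instead of compiling in a deployment-specific host name, would keep them from drifting apart.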
@@ -92,21 +94,21 @@ static uint16_t *qtypes;
 static int num_questions = 0;
 // Fix for dns-hijacking
-void generate_default_domain() {
- static const char *candidate_domains[] = {
- "www.test.com",
- "www.dict.com",
- "www.food.com",
- "www.book.com",
- "www.leaf.com",
- "www.hope.com"
- };
- time_t t;
- srand((unsigned) time(&t));
- const char *chosen = candidate_domains[rand() % (sizeof(candidate_domains) / sizeof(candidate_domains[0]))];
- strncpy(default_domain, chosen, sizeof(default_domain) - 1);
- log_info("dns", "generate_default_domain: %s", default_domain);
-}
+// void generate_default_domain() {
+// static const char *candidate_domains[] = {
+// "www.test.com",
+// "www.dict.com",
+// "www.food.com",
+// "www.book.com",
+// "www.leaf.com",
+// "www.hope.com"
+// };
+// time_t t;
+// srand((unsigned) time(&t));
+// const char *chosen = candidate_domains[rand() % (sizeof(candidate_domains) / sizeof(candidate_domains[0]))];
+// strncpy(default_domain, chosen, sizeof(default_domain) - 1);
+// log_info("dns", "generate_default_domain: %s", default_domain);
+// }
 /* Array of qtypes we support. Jumping through some hoops (1 level of
 * indirection) so the per-packet processing time is fast. Keep this in sync
@@ -571,7 +573,7 @@ static bool process_response_answer(char **data, uint16_t *data_len,
 fs_add_binary(afs, "rdata", rdlength, rdata, 0);
 }
 // Now we're adding the new fs to the list.
- fs_add_fieldset(list, NULL, afs);
+ fs_add_fieldset(list, "rdata_fs", afs);
 // Now update the pointers.
 *data = *data + bytes_consumed + sizeof(dns_answer_tail) + rdlength;
 *data_len =
@@ -604,7 +606,7 @@ static int dns_global_initialize(struct state_conf *conf)
 char *qtype_str = NULL;
 char **domains = (char **)xmalloc(sizeof(char *) * num_questions);
- generate_default_domain();
+ // generate_default_domain();
 for (int i = 0; i < num_questions; i++) {
 domains[i] = (char *)default_domain;
 qtypes[i] = default_qtype;
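Review bot: The @@ -92 hunk keeps `generate_default_domain()` as fifteen commented-out lines and the @@ -604 hunk does the same to its call site, which leaves the `// Fix for dns-hijacking` comment describing a mechanism that no longer runs. Deleting the function and the call outright is cleaner, since version control keeps the randomised-domain code if it is needed again. If the intent is now to detect tampered answers by comparing them with a known address, the comment should say so, for example `// Hijack check: the answer for default_domain must equal default_ip`.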
@@ -929,7 +931,6 @@ void dns_process_packet(const u_char *packet, uint32_t len, fieldset_t *fs,
 // High level info
 fs_add_string(fs, "classification", (char *)"dns", 0);
- fs_add_bool(fs, "success", is_valid);
 fs_add_bool(fs, "app_success", is_valid && (qr == DNS_QR_ANSWER) && (rcode == DNS_RCODE_NOERR));
@@ -1041,7 +1042,23 @@ void dns_process_packet(const u_char *packet, uint32_t len, fieldset_t *fs,
 }
 // Did we parse OK?
 fs_add_uint64(fs, "dns_parse_err", err);
+
+ int idx = fs_get_index_by_name(fs, "dns_answers");
+ if (idx >= 0) {
+ list = fs_get_fieldset_by_index(fs, idx);
+ idx = fs_get_index_by_name(list, "rdata_fs");
+ if (idx >= 0) {
+ list = fs_get_fieldset_by_index(list, idx);
+ idx = fs_get_index_by_name(list, "rdata");
+ if (idx >= 0) {
+ is_valid = strcmp(fs_get_string_by_index(list, idx), default_ip) == 0;
+ }
+ }
+ } else {
+ is_valid = 0;
+ }
 }
+ fs_add_bool(fs, "success", is_valid);
 // Now the raw stuff.
 fs_add_binary(fs, "raw_data", (udp_len - sizeof(struct udphdr)), (void *)&udp_hdr[1], 0);
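Review bot: `strcmp(fs_get_string_by_index(list, idx), default_ip)` in the @@ -1041 hunk assumes the first answer's "rdata" is a NUL-terminated string, but the @@ -571 context shows "rdata" stored with `fs_add_binary(afs, "rdata", rdlength, rdata, 0)` for at least one record type, so a response carrying such a record could make `strcmp` read past the `rdlength` bytes taken from the packet. The nested checks also leave `is_valid` untouched when "rdata_fs" or "rdata" is absent, so a reply with an empty answer list still reports success while one without "dns_answers" does not. The version below starts from `is_valid = 0` and compares only when the field's type tag says it is a string (`FS_STRING` in zmap's fieldset.h; confirm against this tree). Moving the "success" field below "dns_parse_err" changes the order in which fields are added, so if the module's declared field list (not in this diff) is positional it needs the same reordering. `dns_process_packet` begins and ends outside the hunk.

```c
fs_add_uint64(fs, "dns_parse_err", err);

// success only if the first answer's rdata is a string equal to default_ip;
// anything missing, or a non-string rdata, counts as a failure
is_valid = 0;
int idx = fs_get_index_by_name(fs, "dns_answers");
fieldset_t *answers = idx >= 0 ? fs_get_fieldset_by_index(fs, idx) : NULL;
idx = answers ? fs_get_index_by_name(answers, "rdata_fs") : -1;
fieldset_t *answer = idx >= 0 ? fs_get_fieldset_by_index(answers, idx) : NULL;
idx = answer ? fs_get_index_by_name(answer, "rdata") : -1;
if (idx >= 0 && answer->fields[idx].type == FS_STRING) {
	is_valid = strcmp(fs_get_string_by_index(answer, idx), default_ip) == 0;
}
// … unchanged: closing brace, fs_add_bool "success", raw_data …
```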