Detect DGA domains using pretrained model in DSDL

Splunk Security Content

Summary
This analytic rule detects domains generated by a Domain Generation Algorithm (DGA) using a pre-trained deep learning model within the Splunk Data Science and Deep Learning (DSDL) application. DGAs are techniques attackers use to automatically create large numbers of domain names for command-and-control servers, which makes blocking the malicious traffic by domain name difficult. The detection reads domain names from the Network Resolution data model and scores them for the unusual character patterns that are typical of DGA output. If such domains are detected and confirmed malicious, this may indicate that an adversary is maintaining persistent communication with compromised systems, evading detection, or staging further malicious actions. The implementation requires that the DSDL app is configured and the pre-trained model is deployed beforehand, so that it can analyze incoming network resolution data and produce the corresponding alerts.
Categories
  • Network
  • Endpoint
Data Sources
  • Domain Name
ATT&CK Techniques
  • T1568
  • T1568.002
Created: 2024-11-15