https://store-images.s-microsoft.com/image/apps.45172.2e4218db-bed8-438a-a490-94dbd06761d1.3949dfe3-ce73-493d-a567-62eb1f34c594.3133a91d-a6f1-441f-bccf-a0a25077173b

Windows Server DNS

Microsoft Sentinel, Microsoft Corporation

(1 评分)

Windows Server DNS

Microsoft Sentinel, Microsoft Corporation

(1 评分)

Windows Server DNS

Note: Please refer to the following before installing the solution:

• Review the solution Release Notes

• There may be known issues pertaining to this Solution, please refer to them before installing.

The DNS solution for Microsoft Sentinel allows you to ingest DNS analytic and audit logs into Microsoft Sentinel. The DNS logs are collected only from Windows agents.

Installing this solution will deploy two data connectors,

  1. DNS via AMA - This data connector helps in ingesting Windows DNS logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent here. Microsoft recommends using this Data Connector.

  2. DNS via Legacy Agent - This data connector helps in ingesting Windows DNS logs into your Log Analytics Workspace using the legacy Log Analytics agent.

NOTE: After this solution is deployed, Microsoft recommends configuring and leveraging the DNS via AMA connector for ingesting DNS events. Legacy connector uses the Log Analytics agent which is about to be deprecated by Aug 31, 2024, and thus should only be installed where AMA is not supported.

Data Connectors: 2, Workbooks: 1, Analytic Rules: 5, Hunting Queries: 9

Learn more about Microsoft Sentinel | Learn more about Solutions