UTMStack
Windows DNS logs #904
-
|
Can Windows DNS log files be integrated with UTMStack? I want to correlate firewall events with DNS lookups. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Hi @random2342, we have a winlogbeat integration that can manage many Windows events, but if you want to correlate a specific kind of windows logs, you can use "syslog" or "json" integration if you have a way to redirect the logs according to the selected integration steps. Best regards |
Beta Was this translation helpful? Give feedback.
-
|
The simplest way to fulfill your requirement is by using the Winbeat agent. You can configure Sysmon on your systems to push all events to UTMStack. However, I'm not certain how Sysmon behaves on a Windows DNS server—you can try it, and it may forward all logs related to Windows DNS server events. |
Beta Was this translation helpful? Give feedback.
Hi @random2342, we have a winlogbeat integration that can manage many Windows events, but if you want to correlate a specific kind of windows logs, you can use "syslog" or "json" integration if you have a way to redirect the logs according to the selected integration steps.
Best regards