DNS debug log source configuration options
Use the reference information to configure the WinCollect plug-in for Microsoft Windows DNS debug logging.
- Windows Server 2019 (including Core)
- Windows Server 2016 (including Core)
- Windows Server 2012 R2
- Windows Server 2012
|File Reader Type||Reads file contents. Both options have basic Unicode encoding support for byte-order marks.
If you choose the Text (file held open) option, then WinCollect maintains a shared read and write lock on the monitored log file.
If you choose the Text (file open when reading) option, then WinCollect maintains a shared read and write lock on the log file only when it reads the file.
|File Monitor Type||Detects file and directory changes:
The Notification-based (local) option uses the Windows file system notifications to detect changes to your DNS log.
The Polling-based (remote) option monitors changes to remote files and directories. The agent polls the remote DNS log and compares the file to the last polling interval. If the log contains new entries, the entries are retrieved.
|File Pattern||The regular expression (regex) required to match the DNS debug log file set in the DNS manager.|
The directory where WinCollect monitors files. The directory must be Local File System for local collection, or a valid Microsoft Windows universal naming convention (UNC) path for remote collection.
This value must match the file path that is configured in your DNS manager.
Important: Due to restrictions in distributed systems, the path can't be verified in the user interface.
|Include DNS Details||Includes DNS details in the Windows Server DNS debugging log.|
For more information about Microsoft DNS Debug specifications, see the IBM® QRadar® DSM Configuration Guide.