Microsoft DNS Debug
The IBM® Security QRadar® Log Insights data source type for Microsoft DNS Debug collects events from a Microsoft Windows system.
The following table describes the specifications for the Microsoft DNS Debug data source type:
| Specification | Value |
|---|---|
| Manufacturer | Microsoft |
| Data source type | Microsoft DNS Debug |
| Supported versions |
Windows Server 2008 R2 Windows Server 2012 R2 Windows Server 2016 |
| Connector type | WinCollect Microsoft DNS Debug |
| Event format | LEEF |
| Recorded event types | All operational and configuration network events. |
| Automatically discovered? | No |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | http://www.microsoft.com |
To integrate Microsoft DNS Debug with QRadar Log
Insights,
complete the following steps:
- Add a Microsoft DNS Debug data source in QRadar Log Insights
For more information about adding a data source in QRadar Log Insights, see Adding ingestion data sources.
If you are an IBM QRadar user, see Terminology changes for QRadar customers.