The dns.windows
tag identifies log events generated by the Windows Server Domain Name System (DNS).
Tag structure
This technology uses a single tag to support all events generated by the Windows Server Domain Name System (DNS). The tag is simply dns.windows
and the associated events are saved in Devo in a table of the same name.
Product / Service | Tags | Data tables |
---|---|---|
Windows DNS |
|
|
For more information, read more about Devo tags.
Configuration
Create a simple rule on your Devo Relay that applies the dns.windows
tag to all events arriving on a specified port. In the example below, we use port 13003 but you should use any port that you can dedicate to these events.
Source port →
13003
Target tag →
dns.windows
Check the Stop processing and Sent without syslog tag checkboxes.