MS Windows Event Logging XML - DNS
Device Details
Device Name | MS Windows Event Logging XML - DNS |
Vendor | Microsoft Windows |
Device Type | DNS Logging |
Supported Model Name/Number | N/A |
Supported Software Version | N/A |
Collection Method | MS Windows Event Logging |
Configurable Log Output | XML |
Log Source Type | MS Windows Event Logging XML - DNS |
Log Processing Policy | LogRhythm Default V 2.0 |
Exceptions | N/A |
Additional Information | https://nxlog.co/news-and-blog/posts/dns-log-collection-on-windows |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
|---|---|---|
Catch-All | N/A | <vmid>, <severity>, <dname> |
DNS Audit Events | N/A | <vmid>, <tag1>, <severity>, <vendorinfo>, <result>, <dname>, <domainorigin>, <login>, <policy>, <sname>, <sip> |
Revision History
KB Version | Log Type | Change Type | Details |
|---|---|---|---|
KB 7.1.698.0 | MS Windows Event Logging XML - DNS | New Device Documentation | N/A |