Splunk Enterprise Security

Splunk add on for microsoft windows

N92
Path Finder

After installing microsoft windows add on I could not see applicable tags for network resolution data model with respect to DNS logs.

Why I could not see any tag? Any thoughts!

Labels (2)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Where and how are you looking for tags?  Do you have any DNS data indexed?

---
If this reply helps you, Karma would be appreciated.
0 Karma

N92
Path Finder

Yes, dns data indexed. 

 

For mapping with datamodel I am searching at settings > Tags.

 

Because I could see two tags in datamodel page which are required for network resolution datamodel.

 

1 Resolution and 2.dns

0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...