I'm not seeing the NetworkResolution/DNS datamodel/dataset populated from the Splunk Add-on for Microsoft Windows DNS. The add-on was installed per the documentation on all Windows DNS servers.
C...
Hi All,
I have recently ingested Cisco Umbrella logs into Splunk Cloud (8.1.2) and everything seems to be working fine, expect for the NetworkResolutionDNS data model. When I try to accelerate t...
Hi all,
I have some MSAD:NT6:DNS logs I'm trying to massage into the NetworkResolution data model. I have a field extraction for message_type and now I'm trying to use a Calculated Field to o...
Hello all,
I am trying to get some DNS data into my NetworkResolution (DNS) datamodel.
I currently ingest DNS data via the Splunk Stream app which goes into an index called wn_dns_stream.
I...
...tag=dns tag=resolution" for windows debug dns requests these tags are not defined anywhere.
Is there another app that is required to create these tags? or are there eventtypes that exist t...
Hi, We are using Splunk Stream to get DNS logs into Splunk and it maps seamlessly with the NetworkResolution Data model as well. To get cleaner data, I created another DNs stream but this time w...
I'm installing an Enterprise Security build and have run into an issue with getting DNS into the ES environment.
From search & reporting, I see 5 different dns sourcetypes, in ES the DNS A...