Forum Discussion
Any rule/query for detecting Dynamic DNS in sentinel
Hi Team,
Sentinel having any table or rule from where we can fetch dynamic DNS details as alert?
1 Reply
Coupling ASIM DNS data with existing rules in the azure sentinel github repo may be helpful here:
https://learn.microsoft.com/en-us/AZURE/sentinel/normalization-schema-dns
https://github.com/Azure/Azure-Sentinel/tree/master/Detections/ASimDNS
