Forum Discussion
Any rule/query for detecting Dynamic DNS in sentinel
Hi Team,
Sentinel having any table or rule from where we can fetch dynamic DNS details as alert?
1 Reply
Coupling ASIM DNS data with existing rules in the azure sentinel github repo may be helpful here:
The Advanced Security Information Model (ASIM) DNS normalization schema reference (Public preview) | Microsoft Learn
Azure-Sentinel/Detections/ASimDNS at master · Azure/Azure-Sentinel · GitHub
