Forum Discussion
Any rule/query for detecting Dynamic DNS in sentinel
Hi Team, Sentinel having any table or rule from where we can fetch dynamic DNS details as alert?
Coupling ASIM DNS data with existing rules in the azure sentinel github repo may be helpful here:
https://learn.microsoft.com/en-us/AZURE/sentinel/normalization-schema-dns
https://github.com/Azure/Azure-Sentinel/tree/master/Detections/ASimDNS