Forum Discussion
SaaSy
Oct 04, 2019Copper Contributor
Connecting DNS Analytics - Azure Sentinel
We have connected DNS logs from our DCs to Sentinel and are receiving DNS events. However the requested domain names and any of the analytical data is not visible in any dashboards/workbooks. Our Adm...
ImpLosioN
Copper Contributor
SaaSyHi,
I have the same problem, i install both 2012 and 2019 but just incoming dynamic update or etc. Doesnt any client & domain(malicious or normal) information receive.
SaaSy
Oct 20, 2019Copper Contributor
ImpLosioN we were able to receive analytics logs once the dnsanalytics configuration was tweaked in Sentinel.
- CliveWatsonOct 20, 2019Microsoft
Glad its working, this procedure you just did was added to the docs: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/dns-analytics#troubleshooting
- Mcilfat1975Jun 19, 2023Copper Contributor
Hi Clive,
I am having similar issues as described above. Could you provide some more information on what tweaking the settings actually looks like.
Kind regards