Microsoft-Windows-DNSServer/Analytical Logs #14156
GyciakasGh0st asked this question in Ideas
Replies: 1 comment
Microsoft-Windows-DNSServer/Analytical logs are an Event Tracing for Windows (ETW) log. I do not believe the Custom Windows Event Logs integration works with ETW logs. Additionally, Windows Event Forwarding does not work with ETW logs, from some testing I have done for Microsoft-Windows-DNSServer/Analytical logs. I saw that Elastic was working on integrations for ETW logs and Microsoft-Windows-DNSServer/Analytical, but I don't know when they will reach Security Onion.
-
Has anyone tried to collect Microsoft-Windows-DNSServer/Analytical logs?
We tried via the "Custom Windows Event Logs integration", but it wouldn't collect it, because with the PowerShell command "Get-WinEvent -ListLog * | Format-List -Property LogName" this event log channel is not shown.
It only shows with the command "Get-WinEvent -ListLog * -force | Format-List -Property LogName".
Any ideas?
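
The visibility difference described in the question can be checked per channel on the DNS server itself. The following is an added example, not part of the original posts. It assumes it is run in an elevated PowerShell session on a host with the DNS Server role, and the variable names are illustrative.

```powershell
# Added example: inspect how the DNS Server analytical channel is registered.
$channel = 'Microsoft-Windows-DNSServer/Analytical'

# Wildcard listing without -Force: analytic and debug channels are omitted.
$listedWithoutForce = Get-WinEvent -ListLog * -ErrorAction SilentlyContinue |
    Where-Object { $_.LogName -eq $channel }

# Same lookup with -Force, which includes analytic and debug channels.
$cfg = Get-WinEvent -ListLog $channel -Force -ErrorAction SilentlyContinue

if (-not $cfg) {
    Write-Warning "$channel is not registered on this host."
}
else {
    # LogType shows whether the channel is Administrative, Operational,
    # Analytical or Debug; IsEnabled shows whether it is currently recording.
    [pscustomobject]@{
        LogName            = $cfg.LogName
        LogType            = $cfg.LogType
        IsEnabled          = $cfg.IsEnabled
        ListedWithoutForce = [bool]$listedWithoutForce
        LogFilePath        = $cfg.LogFilePath
        RecordCount        = $cfg.RecordCount
    } | Format-List

    # Get-WinEvent reads analytic and debug logs only in forward
    # chronological order, so -Oldest is required here.
    Get-WinEvent -LogName $channel -Oldest -MaxEvents 5 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}
```

A `LogType` of `Analytical` together with `ListedWithoutForce` being `False` matches the behaviour reported in the question.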