Microsoft-Windows-DNSServer/Analytical Logs #14156
Replies: 1 comment
Microsoft-Windows-DNSServer/Analytical logs are an Event Tracing for Windows (ETW) log. I do not believe the Custom Windows Event Logs integration works with ETW logs. Additionally, Windows Event Forwarding does not work with ETW logs, from some testing I have done for Microsoft-Windows-DNSServer/Analytical logs. I saw that Elastic was working on integrations for ETW logs and Microsoft-Windows-DNSServer/Analytical, but I don't know when they will reach Security Onion.
Has anyone tried to collect Microsoft-Windows-DNSServer/Analytical logs?
We tried via the "Custom Windows Event Logs integration" but it wouldn't collect it, because via the PowerShell command `Get-WinEvent -ListLog * | Format-List -Property LogName` this event log channel is not shown.
It only shows via the command `Get-WinEvent -ListLog * -force | Format-List -Property LogName`.
Any ideas?
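
An added example, not part of either post above: a PowerShell check of how Windows classifies the channel, which explains why it only appears with `-Force`, plus a direct read of a few events to confirm the channel is producing data. The function names are hypothetical; it assumes an elevated session on the DNS server and that the analytical channel has already been enabled.

```powershell
# Added example (not from the thread). Function names are hypothetical.
# Assumes an elevated PowerShell session on the Windows DNS server.

function Get-ChannelCollectionInfo {
    param(
        # Channel discussed in this thread; any channel name can be passed instead.
        [string]$ChannelName = 'Microsoft-Windows-DNSServer/Analytical'
    )

    # -Force makes Get-WinEvent include Analytic and Debug channels in the lookup.
    $log = Get-WinEvent -ListLog $ChannelName -Force -ErrorAction Stop

    [pscustomobject]@{
        LogName            = $log.LogName
        LogType            = $log.LogType      # Administrative, Operational, Analytical or Debug
        IsEnabled          = $log.IsEnabled    # a disabled channel records nothing
        LogFilePath        = $log.LogFilePath  # Analytic/Debug channels are backed by an .etl file
        # Analytic and Debug channels are left out of a wildcard -ListLog unless -Force is given.
        HiddenWithoutForce = [string]$log.LogType -in 'Analytical', 'Debug'
    }
}

function Get-HiddenChannel {
    # Every channel that "Get-WinEvent -ListLog *" omits without -Force.
    Get-WinEvent -ListLog * -Force -ErrorAction SilentlyContinue |
        Where-Object { [string]$_.LogType -in 'Analytical', 'Debug' } |
        Select-Object LogName, LogType, IsEnabled
}

function Get-ChannelSample {
    param(
        [string]$ChannelName = 'Microsoft-Windows-DNSServer/Analytical',
        [int]$Count = 5
    )
    # Analytic and Debug logs can only be read oldest-first, so -Oldest is required.
    Get-WinEvent -LogName $ChannelName -Oldest -MaxEvents $Count -ErrorAction Stop |
        Select-Object TimeCreated, Id, Message
}

Get-ChannelCollectionInfo | Format-List
Get-HiddenChannel | Sort-Object LogName | Format-Table -AutoSize
Get-ChannelSample | Format-List
```

A `LogType` of `Analytical` with `IsEnabled` set to `False` means the channel exists but is not recording, so `Get-ChannelSample` will return an error or no events until it is enabled.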