MicrosoftDNSAgent extension

Naresh Babu 145 Reputation points
2024-01-30T13:34:19.3433333+00:00

Hello Team, I am planning install/deploy MicrosoftDNSAgent extension. I have already applied AMA policy with DCRs. now planning to choose unified method to deploy and configure MicrosoftDNSAgent extension by policy since AMA and scope specific DCR deployment is done. looking for suggestions. thank you.

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,330 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,034 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
920 questions
0 comments No comments
{count} vote

3 answers

Sort by: Most helpful
  1. Stellnberger Philipp 5 Reputation points
    2024-03-20T10:12:05.58+00:00

    don´t know if this helps, but spent now hours in the troubleshooting why my asim dns dcr rule wasn´t collecting logs and saw, that the extention didn´t got installed on my machines.

    the way how i installed it was via powershell:

    Install-module Az.ConnectedMachine

    Import-module Az.ConnectedMachine

    $extPublisher = "Microsoft.Sentinel.AzureMonitorAgentExtensions"

    $extName = "MicrosoftDnsAgent"

    new-azconnectedMachineExtension -ResourceGroupName '<RGName>' -Location 'westeurope' -MachineName '<ARCMaschineName>' -Name $extName -Publisher $extPublisher -ExtensionType $extName

    1 person found this answer helpful.
    0 comments No comments

  2. SwathiDhanwada-MSFT 18,776 Reputation points
    2024-02-01T10:32:00.97+00:00

    @Naresh Babu Thanks for reaching out. As far as I know, you can set up the DNS connector in only two ways:

    • Microsoft Sentinel portal. With this setup, you can create, manage, and delete a single Data Collection Rule (DCR) per workspace. Even if you define multiple DCRs via the API, the portal shows only a single DCR.
    • API. With this setup, you can create, manage, and delete multiple DCRs.

    Can you confirm if you are looking for a way to use already created DCR to collect the DNS logs?


  3. John Joyner 41 Reputation points
    2024-07-10T13:06:04.1866667+00:00

    The following Azure PowerShell worked to manually install the Microsoft DNS Agent on Azure Arc-enabled servers when automatic installation did not occur. If there is a DCR in place for the computer to send DNS logs to Azure Log Analytics the data will start to arrive: (TypeHandlerVersion is the latest version number of the extension)

    New-AzConnectedMachineExtension -Name "MicrosoftDNSAgent" -ResourceGroupName "<RGname>" -MachineName "<ComputerName>" -Location "<Location>" -Publisher "Microsoft.Sentinel.AzureMonitorAgentExtensions" -ExtensionType "MicrosoftDNSAgent" -TypeHandlerVersion "1.4.4"

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.