DNS connector for Microsoft Sentinel
The DNS log connector allows you to easily connect your DNS analytic and audit logs with Microsoft Sentinel, and other related data, to improve investigation.
When you enable DNS log collection you can:
- Identify clients that try to resolve malicious domain names.
- Identify stale resource records.
- Identify frequently queried domain names and talkative DNS clients.
- View request load on DNS servers.
- View dynamic DNS registration failures.
For more information, see the Microsoft Sentinel documentation.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | DnsEvents DnsInventory |
| Data collection rules support | Not currently supported |
| Supported by | Microsoft Corporation |
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Submit and view feedback for