Microsoft DNS
Supported OS
- Windows 2003
- Windows 2008 and 2008 R2
- Windows 2012 and 2012 R2
- Windows 2016
- Windows 2019
What is Discovered and Monitored
Protocol |
Information discovered |
Metrics collected |
Used for |
---|---|---|---|
SNMP |
Application type |
Process level CPU utilization, Memory utilization |
Performance Monitoring |
WMI |
Application type, service mappings |
Process level metrics (Win32_Process, Win32_PerfRawData_PerfProc_Process): uptime, CPU utilization, Memory utilization, Read I/O, Write I/O |
Performance Monitoring |
Windows Agent |
Application type |
DNS name resolution activity: DNS Query Success and Failure by type |
Security Monitoring |
Event Types
In ADMIN > Device Support > Event Types, search for "microsoft dns" to see the event types associated with this device.
Configuration
SNMP
See SNMP Configurations in the Microsoft Windows Server Configuration section.
WMI
See WMI Configurations in the Microsoft Windows Server Configuration section.
FortiSIEM Windows Agent
For information on configuring DNS for FortiSIEM Windows Agent, see Collecting DNS Logs from Microsoft Windows Server via Agents.
Microsoft recommends that customers enable DNS Analytical logs only to debug DNS traffic or to troubleshoot DNS server issues. Enabling DNS Analytical logs can cause system performance issues (see Microsoft Logging and Diagnostics).
Settings for Access Credentials
See Setting Access Credentials in the Microsoft Windows Server Configuration section.