Microsoft DHCP
- Supported OS
- What is Discovered and Monitored
- Event Types
- Configuration
- Settings for Access Controls
Supported OS
- Windows 2003
- Windows 2008 and 2008 R2
- Windows 2012 and 2012 R2
- Windows 2016
- Windows 2019
What is Discovered and Monitored
Protocol |
Information discovered |
Metrics collected |
Used for |
---|---|---|---|
SNMP |
Process details |
Process level CPU utilization, Memory utilization |
Performance Monitoring |
WMI |
Process details, process to service mappings |
Process level metrics (Win32_Process, Win32_PerfRawData_PerfProc_Process): uptime, CPU utilization, Memory utilization, Read I/O, Write I/O |
Performance Monitoring |
Windows Agent |
Application type |
DHCP address release/renew events that are used by FortiSIEM for Identity and location: attributes include IP Address, MAC address, Host Name |
Security and compliance (associate machines to IP addresses) |
Event Types
In ADMIN > Device Support > Event Types, search for "microsoft dhcp" to see the event types associated with this device.
Configuration
SNMP
See SNMP Configurations in the Microsoft Windows Server Configuration section.
WMI
See WMI Configurations in the Microsoft Windows Server Configuration section.
FortiSIEM Windows Agent
For information on configuring DHCP for FortiSIEM Windows Agent, see Collecting Windows DHCP Logs from Microsoft Windows Server via Agents.
Settings for Access Controls
See Setting Access Credentials in the Microsoft Windows Server Configuration section.