DNS
You can configure the following DNS appliances with InsightIDR:
- Microsoft DNS
- Cisco Umbrella
- ISC Bind9
- Infoblox Trinzic
- PowerDNS
- Dnsmasq
DNS logs provide more information about web traffic than firewall logs. DNS also provides greater visibility into destination URLs, which can be flagged in Account Visited Suspicious Link incidents.
Connecting DNS as an event source allows InsightIDR to track services, incidents, and threats found on your network. The DNS server logs are a vital event source to connect.
InsightIDR monitors the following fields:
- Timestamp
- Asset
- User
- Source Address
- Query
- Public Suffix
- Top Private Domain
Did this page help you?