Splunk® App for Windows Infrastructure (Legacy)

Deploy and Use the Splunk App for Windows Infrastructure

On October 20, 2021, the Splunk App for Windows Infrastructure will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Windows Dashboards and Reports.
This documentation does not apply to the most recent version of Splunk® App for Windows Infrastructure (Legacy). For documentation on the most recent version, go to the latest release.

Configure Windows Domain Name Server

Enable DNS debug logging

If you want detailed DNS server statistics, enable debug logging on your DNS servers by following the instructions for your operating system:

Impact of DNS debug logging on performance and license usage

When you enable debug logging on your DNS servers, you must consider the following caveats:

  • If you enable DNS server debug logging, individual DNS server performance decreases significantly.
  • Debug logging generates significant amounts of data that might exhaust disk space on your DNS servers, which can potentially cause downtime. You must watch and rotate your DNS server logs to prevent disk capacity issues from occurring.
  • Debug logging also greatly increases the overall amount of data indexed by the Splunk App for Windows Infrastructure. Ensure that you have a Splunk license that can accommodate the additional indexing volume.

What's next?

You have configured the Windows DNS servers for debug logging. Next, you will install a universal forwarder on the DNS server and then deploy the Splunk Add-on for Windows DNS onto the client.

Last modified on 25 June, 2016
Sample searches and dashboards   Download and configure the Splunk Add-ons for Windows DNS

This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.2.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters