Download and configure the Splunk Add-on for Windows DNS
Note: To users who are using TA-windows version 6.0.0 or later: TA-AD has merged with TA-windows. See Download and configure the Splunk Add-on for Windows version 6.0.0 or later.
This topic discusses how to download and configure the Splunk Add-on for Windows DNS and deploy them to your deployment clients so that they forward DNS information to the Splunk App for Windows Infrastructure indexer.
The Splunk Add-on for Windows DNS collects DNS data and is available on Splunkbase. When you install the add-on into universal forwarders on your DNS servers, the add-on collects DNS data and sends it to the Splunk App for Windows Infrastructure.
More information about the DNS add-on
The following table lists details about the Splunk Add-on for Windows DNS.
|Splunk_TA_microsoft_dns||For DNS servers that run Windows Server 2008/2008 R2 and later|
Download the Splunk Add-on for Windows DNS
Like the Splunk Add-on for Microsoft Active Directory, the Splunk Add-on for Windows DNS is available on Splunkbase. Make sure you download the latest version of the app. You might need to sign in with your Splunk account before the download starts.
- In a web browser, proceed to the Splunk Add-on for Windows DNS download page.
- Click the download link to begin the download process.
- When prompted, choose an accessible location on your deployment server to save the download. Do not attempt to run the download.
- Use an archive utility such as WinZip to unarchive the file to an accessible location, such as the
C:\Program Files\SplunkUniversalForwarder\etc\apps directory.
If you're using TA-Windows version 6.0.0 or later, you don't need TA_AD and TA_DNS. TA_AD and TA_DNS are merged with TA-Windows version 6.0.0.
Configure the Splunk Add-ons for Windows DNS
The Splunk Add-on for Windows DNS does not require configuration by default. When you install it onto DNS servers, it immediately begins collecting data as long as you have configured DNS debug logging.
You have downloaded the Splunk App for Windows Infrastructure and can now access the Splunk Add-ons for Window DNS. The next step involves deploying those add-ons into the universal forwarders that you install on your Active Directory DNS servers.
Configure Windows Domain Name Server
Confirm and troubleshoot DNS data collection
This documentation applies to the following versions of Splunk® App for Windows Infrastructure: 2.0.0, 2.0.1