Splunk® App for Windows Infrastructure

Deploy and Use the Splunk App for Windows Infrastructure

Download manual as PDF

Download topic as PDF

Download and configure the Splunk Add-on for Windows DNS

Note: To users who are using TA-windows version 6.0.0 or later: TA-AD has merged with TA-windows. See Download and configure the Splunk Add-on for Windows version 6.0.0 or later.

This topic discusses how to download and configure the Splunk Add-on for Windows DNS and deploy them to your deployment clients so that they forward DNS information to the Splunk App for Windows Infrastructure indexer.

The Splunk Add-on for Windows DNS collects DNS data and is available on Splunkbase. When you install the add-on into universal forwarders on your DNS servers, the add-on collects DNS data and sends it to the Splunk App for Windows Infrastructure.

More information about the DNS add-on

The following table lists details about the Splunk Add-on for Windows DNS.

Add-on Description
Splunk_TA_microsoft_dns For DNS servers that run Windows Server 2008/2008 R2 and later

Download the Splunk Add-on for Windows DNS

Like the Splunk Add-on for Microsoft Active Directory, the Splunk Add-on for Windows DNS is available on Splunkbase. Make sure you download the latest version of the app. You might need to sign in with your Splunk account before the download starts.

  1. In a web browser, proceed to the Splunk Add-on for Windows DNS download page.
  2. Click the download link to begin the download process.
  3. When prompted, choose an accessible location on your deployment server to save the download. Do not attempt to run the download.
  4. Use an archive utility such as WinZip to unarchive the file to an accessible location, such as the C:\Program Files\SplunkUniversalForwarder\etc\apps directory.

If you're using TA-Windows version 6.0.0 or later, you don't need TA_AD and TA_DNS. TA_AD and TA_DNS are merged with TA-Windows version 6.0.0.

Configure the Splunk Add-ons for Windows DNS

The Splunk Add-on for Windows DNS does not require configuration by default. When you install it onto DNS servers, it immediately begins collecting data as long as you have configured DNS debug logging.

What's next?

You have downloaded the Splunk App for Windows Infrastructure and can now access the Splunk Add-ons for Window DNS. The next step involves deploying those add-ons into the universal forwarders that you install on your Active Directory DNS servers.

PREVIOUS
Configure Windows Domain Name Server
  NEXT
Confirm and troubleshoot DNS data collection

This documentation applies to the following versions of Splunk® App for Windows Infrastructure: 2.0.0


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters