Configure Windows Domain Name Server
Note: If you are using TA-Windows version 6.0.0 version or later then you do not need TA_AD and TA_DNS, as they are merged with TA-Windows. To configure TA-Windows v6.0.0, Please refer to Deploy and configure the Splunk Add-on for Windows v6.0.0 or later.
Enable DNS debug logging
If you want detailed DNS server statistics, enable debug logging on your DNS servers, you must enable debug logging. For the procedure, see Select and enable debug logging options on the DNS server on MS TechNet.
Impact of DNS debug logging on performance and license usage
When you enable debug logging on your DNS servers, you consider the following caveats:
- If you enable DNS server debug logging, individual DNS server performance decreases significantly.
- Debug logging generates significant amounts of data that might exhaust disk space on DNS servers, which can potentially cause downtime. You must watch and rotate your DNS server logs to prevent disk capacity issues from occurring.
- Debug logging also greatly increases the overall amount of data indexed by the Splunk App for Microsoft Exchange. Ensure that you have a Splunk license that can accommodate the additional indexing volume.
Next Step
You have configured the Windows DNS servers for debug logging. Next, you will install a deployment client on the DNS server and then deploy the Splunk Add-on for Windows DNS onto the client.
| Sample searches and dashboards | Download and configure the Splunk Add-on for Windows DNS |
This documentation applies to the following versions of Splunk® App for Microsoft Exchange (EOL): 4.0.0, 4.0.1, 4.0.2, 4.0.3
Download manual
Feedback submitted, thanks!