Hi, we are trying to visualize and permanently record our DNS traffic. The DNS Server is run on Windows 10 and the logs it writes are ok but extending it with packetbeat would increase the visibility a lot. The concerns I have are running packetbeat on such critical infrastructure are security: p…

Packetbeat on high volume production Windows-AD-DNS-Servers

hilt86 (Hilt86) April 22, 2021, 9:37am 2

You could always create a dedicated sensor running packetbeat that gets a copy of the traffic going to your DCs if you don't want to run the software on your DCs

Topic		Replies	Views
DNS traffic Beats packetbeat	4	1100	August 18, 2016
Packetbeat interfere with defender for identity on Windows Server 2012-2022 Beats packetbeat	4	490	October 27, 2022
CPU footprint of packetbeat is high Beats packetbeat	4	2201	July 5, 2017
Winlogbeats with DNS logs? Beats	4	2401	July 17, 2017
Packetbeat memory issue? Beats packetbeat	5	2055	July 5, 2017

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Packetbeat on high volume production Windows-AD-DNS-Servers

Related topics