So the latest version of WinlogBeat now support all windows event logs. Currently i'm collecting (example below) across the my company. I would also like to collect the DNS analytical log, however i'm not sure how to dirive the name of this log, could someone help me out?
Current config example:
- name: Security
- name: System
- name: Setup
- name: Microsoft-Windows-Windows-Firewall With Advanced Security/Firewall
- name: Microsoft-Windows-Windows-Firewall With Advanced Security/FirewallVerbose
- name: Microsoft-Windows-Windows-TaskScheduler/Operational
- name: Microsoft-Windows-PowerShell/Operational
The only related topic i could find:
Statement from WLB - "any channel"