Sending DNS server logs to Google Chronicle

Forward DNS server logs to Google Chronicle

Collecting and parsing DNS logs is an integral part of log collection in every modern IT infrastructure. Proactively monitoring DNS activity can help network administrators quickly detect and respond to threats such as data theft, denial-of-service attacks, and other malicious activity.

NXLog Enterprise Edition’s advanced log parsing capabilities make it easy to aggregate and normalize all your DNS logs and send them to Google Chronicle for further examination.

Forward all your DNS server logs to the Google Chronicle SIEM for further analysis.

Key features provided by NXLog:

  • Collect DNS Server logs via Event Tracing for Windows (ETW)
  • Parse DNS debug logs from Windows DNS Server debug logging files
  • Collect DNS logs from Windows Event Log, such as DNS Server audit logs and DNS Server analytical logs
  • Collect Sysmon DNS query logs
  • Monitor DNS passively by capturing network packets sent to a DNS server
  • Support for DNS log collection on Linux

Need a complete solution to consolidate and investigate all of your DNS server logs?

Download and try NXLog Enterprise Edition to get advanced log collection capabilities.

NXLog Community Edition
NXLog Enterprise Edition
Collect logs from Windows Event Log
Native ETW collection
Advanced parsing of DNS debug logs
Passive DNS monitoring
Send logs directly to Chronicle Ingestion API
Dedicated module for Google Chronicle
24/7 support