DNS Query Requests Resolved By Unauthorized DNS Servers

Description

This search will detect DNS requests resolved by unauthorized DNS servers. Legitimate DNS servers should be identified in the Enterprise Security Assets and Identity Framework.

   Help

DNS Query Requests Resolved By Unauthorized DNS Servers Help

To successfully implement this search you will need to ensure that DNS data is populating the Network_Resolution data model. It also requires that your DNS servers are identified correctly in the Assets and Identity table of Enterprise Security.

   Search

Open in Search