Extreme Networks

Lukas_Mecir · ‎09-01-2016

Hello,
I have Microsoft DNS server with DNS debugging enabled and all DNS requests from PCs are logged to file C:\share\dns.txt. Folder \share\ is shared as windows share and is accessible with appropriate user and password (I test it from my PC).
I know, that I can collect info from this file by Universal DSM with Log File protocol. But my question is: can I collect logs from file by Universal DSM with WinCollect File Forwarder protocol? I tried it, but I received logs from DHCP server (which is running on the same server) instead of info from file dns.txt...
I send screenshot of my log source setup. Thanks in advance for any help.
Best regards
Lukas Mecir

825d726381324d5395616ee5941a6de1_RackMultipart20160901-50468-1w6jbt1-DNS_WC_inline.png

Mullins__Keith · ‎10-05-2016

Hi Lukas,

We see your question and confirm you are currently using Universal DSM to collect data from a shared folder and text file within that location. This currently shows no issues to you but it allows the question if Wincollect File Forwarder Protocol can be used.

I have consulted with IBM and it seems you can, provided you have the correct permissions on this Windows environment and that you use a Wincollect Agent to pull data from that location (remote collection). You could also install a new WinCollect agent on the share server and do local collection of data from that particular file and then send it altogether to the Siem.

Lukas_Mecir · ‎09-01-2016

Hello, I tried to make some changes in log source setup (see screenshot), but problem is still the same...

8ac8b69306df409b9cfec874635e3dd4_RackMultipart20160901-105699-1dau2cm-DNS_WC1_inline.png

Extreme Networks

Wincollect file forwarder

Wincollect file forwarder