Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Collecting DNS Analytic Logs by Using XPath

 

To collect DNS Analytic logs by using WinCollect, you must first configure Windows to collect analytic logs and then add an XPath to the WinCollect Agent log source to collect the logs and send them to JSA.

DNS debug logging is supported on the following Windows versions:

Use Event Viewer to configure Windows to collect DNS Server analytic logs.

  1. To open the Event Viewer, type eventvwr.msc at an elevated command prompt, and press Enter.
  2. Go to Applications and Services Logs\Microsoft\Windows\DNS-Server.
  3. Right-click DNS-Server, and then click View > Show Analytic and Debug Logs.
  4. Right-click the Analytical log, and then click Properties.
  5. In the When maximum event log size is reached section, choose Do not overwrite events (Clear logs manually), select Enable logging, and then click OK on the resulting dialog box.Note

    you do not select this option, the WinCollect Agent can't collect the Analytical log, because the logs are stored in etl format.

  6. Click OK to enable the DNS Server Analytic event log.Note

    You must manually clear the logs and restart the agent when the event log is full

  7. In the log source, add the following XPath to the WinCollect Agent: