Alert generating rule for the DNS Service.
The DNS Server service responds to requests from DNS client computers for name resolution services. Domain Name System (DNS) is a protocol that enables a computer to obtain the numeric IP address of another computer by submitting the target computer's name to a DNS server. Problems with the DNS Server service can cause network performance to degrade or even prevent network computers from being able to locate each other.
The DNS server could not connect to another DNS server.
Correct network connectivity problems
The DNS Server service could not connect to another DNS server. To resolve this problem:
Ensure that you have specified the correct IP address for the target DNS server.
Check the remote DNS server, and ensure that it is running properly.
Use the nslookup command to verify that the target DNS server can be reached and that it is responding to Domain Name System (DNS) queries.
If the remote DNS server is not running properly, correct the problem on the remote DNS server, and then try the operation again. If the remote DNS server is running properly and the nslookup command does not produce a response, there may be a problem in the network link between the two DNS servers. Correct the network problem, and then try the operation again.
http://technet.microsoft.com/en-us/library/dd349691(v=ws.10).aspx
Target | Microsoft.Windows.DNSServer.2016.Server | ||
Category | Alert | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | DNS Server |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
Alert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Microsoft.Windows.DNSServer.2016.Service.ConnectionError" Enabled="true" Target="Microsoft.Windows.DNSServer.2016.Server" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>Alert</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>DNS Server</LogName>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">7060</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="Microsoft.Windows.DNSServer.2016.Service.ConnectionError.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDisplayNumber$</AlertParameter1>
<AlertParameter2>$Data/EventSourceName$</AlertParameter2>
<AlertParameter3>$Data/Channel$</AlertParameter3>
<AlertParameter4>$Data/EventDescription$</AlertParameter4>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
</Suppression>
<Custom1/>
<Custom2/>
<Custom3/>
<Custom4/>
<Custom5/>
<Custom6/>
<Custom7/>
<Custom8/>
<Custom9/>
<Custom10/>
</WriteAction>
</WriteActions>
</Rule>