Home
  •  

AD DC DNS Server Information Events

Microsoft.Windows.Server.2012.R2.AD.DNSServer.Information.EventCollection (Rule)

Knowledge Base article:

Summary

Collects all information events in the DNS Server log on the DC.

This rule is disabled by default, if you want to add informational events use an override to enable this rule.

Element properties:

TargetMicrosoft.Windows.Server.2012.R2.AD.DomainController.DNS
CategoryEventCollection
EnabledFalse
Alert GenerateFalse
RemotableFalse
Event LogDNS Server

Member Modules:

ID Module Type TypeId RunAs 
EventDS DataSource Microsoft.Windows.EventProvider Default
WriteToDB WriteAction Microsoft.SystemCenter.CollectEvent Default
WriteToDW WriteAction Microsoft.SystemCenter.DataWarehouse.PublishEventData Default

Source Code:

<Rule ID="Microsoft.Windows.Server.2012.R2.AD.DNSServer.Information.EventCollection" Enabled="false" Target="AD2012R2Core!Microsoft.Windows.Server.2012.R2.AD.DomainController.DNS" ConfirmDelivery="false" Remotable="false" Priority="Normal" DiscardLevel="100">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="EventDS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Property[Type="AD!Microsoft.Windows.Server.AD.Library.DomainControllerRole"]/Name$</ComputerName>

      <LogName>DNS Server</LogName>

      <Expression>

        <SimpleExpression>

          <ValueExpression>

            <XPathQuery Type="Integer">EventLevel</XPathQuery>

          </ValueExpression>

          <Operator>Equal</Operator>

          <ValueExpression>

            <Value Type="Integer">3</Value>

          </ValueExpression>

        </SimpleExpression>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>

    <WriteAction ID="WriteToDW" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>

  </WriteActions>

</Rule>