none
Testing DNS Analytics Solution RRS feed

  • Question

  • Hello,

    I'm going through a proof of concept on the DNS Analytics Solution (https://docs.microsoft.com/en-us/azure/azure-monitor/insights/dns-analytics) and having trouble generating any Malicious findings. I have gone through and queried 250+ known bad domains, but none show up when searching as being malicious. As far as I can tell, everything is configured correctly. I am getting data and it is showing all DNS queries and responses. Searches are working fine, just no events have MaliciousIP field set.

    Does anyone have any domain(s) that I can query DNS with to generate a malicious finding in the DNS Analytics Solution?

    Tuesday, January 7, 2020 4:49 PM

All replies

  • We like to know a little more about your scenario above. Please send mail to AzCommunity@microsoft.com include your Azure subscription ID and a link to this MSDN thread (for context) and we can continue the conversation. Once we have a resolution, we will post the update to this thread so others in the community can benefit.
    Thursday, January 16, 2020 7:53 AM
    Moderator