From 65cc78f9e86f5b7db20f0ddf4e7d69abb56ee6a4 Mon Sep 17 00:00:00 2001
From: Florian Roth
Date: Tue, 22 May 2018 16:58:13 +0200
Subject: [PATCH] Windows Config Update - DNS logs
---
 tools/config/splunk-windows-all.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/tools/config/splunk-windows-all.yml b/tools/config/splunk-windows-all.yml
index 448dbd489..edb9cbf78 100644
--- a/tools/config/splunk-windows-all.yml
+++ b/tools/config/splunk-windows-all.yml
@@ -42,8 +42,14 @@ logsources:
 windows-dns-server:
 product: windows
 service: dns-server
+ category: dns
 conditions:
 source: 'DNS Server'
+ windows-dns-server-audit:
+ product: windows
+ service: dns-server-audit
+ conditions:
+ source: 'Microsoft-Windows-DNS-Server/Audit'
 windows-driver-framework:
 product: windows
 service: driver-framework
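Review bot: The `source: 'Microsoft-Windows-DNS-Server/Audit'` condition in the new `windows-dns-server-audit` entry will silently match nothing if it differs from the source value the indexed events actually carry, so it should be verified against real data before rules rely on it. Windows usually lists this channel without the inner hyphen (`Microsoft-Windows-DNSServer/Audit`, checkable with `wevtutil el` on a DNS server), and Splunk inputs often prefix event-log sources with `WinEventLog:`; either mismatch would leave DNS audit rules returning no hits and no error. Separately, adding `category: dns` to `windows-dns-server` may narrow that mapping if the converter requires every attribute of a config entry to match the rule, in which case rules that set only `product` and `service` would lose the `source: 'DNS Server'` scoping. A short comment stating the intent would help, e.g. `# also applied to generic category: dns rules`.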