...
Follow steps outlined here to install the Snare agent. Agent Installation - Snare Windows Agent v5 Documentation - Confluence
To collect the DNS logs from the newly created log file navigate to “Log Sources > Log Files”
Click “Add”, Select the log type and select “ Microsoft DNS server logs”
Select “Line seperating events” and in put “\r\n\r\n” this helps the agent identify where the individual logs start and end in the txt file.
Paste in the location of the log file e.g. C:\DNS.txt into the “Log file or Directory Field”
In the “Log File Format” Field input the name of the file e.g. *.log
Once happy click Change configuration and restart the service to save the change.
Once happy and changes applieed select “Destination configuration”.
Under the “Network Destinations” section, enter the domain/IP address and port for Snare Reflector, and ensure Format is “Snare” and “Delimiter Character” is “Tab”.
...