Microsoft DHCP Server
Version: Microsoft DHCP Server 2003 and later.
The DHCP (Dynamic Host Configuration Protocol) assigns IP address to client computers automatically. DHCP auditing helps administrator to track information on successful or failed lease grants, depletion of the server’s IP pool, or request for messages and their corresponding acknowledgements.
Netsurion Open XDR can analyses the audit logs and generate the reports for monitoring the activity of DNS update request and DNS update successful, lease renewed and denied by the DHCP server.
Netsurion Data Source Integrations for Microsoft DHCP Server allows you to monitor the following components:-
- Operations – DNS Update request and DNS update successful.
- Security – Lease renewed by client.
- Compliance – Lease denied.
Once Microsoft DHCP Server is configured to deliver events to Netsurion Open XDR Manager; dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Microsoft DHCP Server – Lease expired | This alert is generated when DHCP lease is expired. |
| Operations | Microsoft DHCP Server – Database migration | This alert is generated when DHCP database migration |
| Compliance | Microsoft DHCP Server – Lease deleted | This alert is generated when lease deleted by DHCP Server. |
| Compliance | Microsoft DHCP Server – Authorization failure | This alert is created when a DHCP Server authorization fails. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | Microsoft DHCP Server – Lease renewed by client | This report provides information related to lease renewed by client, when a client already has lease and needs to renew that lease with the DHCP server. It consists of columns EventDate, EventTime, Computer, Client Host Name, Client IP Address and Client MAC Address. |
| Operations | Microsoft DHCP Server – DNS update request | This report provides the information related to DNS update request, where DHCP sends request to DNS to dynamically update resource records to DNS. It consists of columns EventDate, EventTime, Computer, Client Host Name and Client IP Address. |
| Operations | Microsoft DHCP Server – DNS update successful | This report provides the information about DNS update successful, when DNS registers the resource records successfully upon receiving DNS update request by DHCP. It consists of columns EventDate, EventTime, Computer, Client Host Name and Client IP Address. |
| Compliance | Microsoft DHCP Server – Lease denied | This report provides the information related to lease denied, where client lease requests might be denied by the DHCP server for invalid (out of pool) or duplicate IP addresses to avoid IP addresses conflicts. It consists of columns EventDate, EventTime, Computer, Client Host Name, Client IP Address and Client MAC Address. |
Documentation:
The configuration details are consistent with Netsurion Open XDR 7.x and later, Microsoft DHCP Server 2003 and later.
Download Integration Guide for configuration instructions and more information.