I am trying to pull a report from NTA 4.0 flow storage database and can't figure out how to do it using swql. I am wondering if someone can give some guidance.
What I am looking to do is pull a report to find distinct IP addresses that are talking to a DNS server, specifically doing DNS queries.
Our AD engineers are phasing out some DNS servers and are wanting to know what systems are still pointed to them for dns.
