I am trying to pull a report from NTA 4.0 flow storage database and can't figure out how to do it using swql. I am wondering if someone can give some guidance.
What I am looking to do is pull a report to find distinct IP addresses that are talking to a DNS server, specifically doing DNS queries.
Our AD engineers are phasing out some DNS servers and are wanting to know what systems are still pointed to them for dns.
Retrieving data ...