- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
I get a daily report out of my PA which shows some user activity and other stuff.
The report is not the issue - what goes into it is.
Part of what I have in the report is the source host name. And, for some IP addresses values, the report comes out with resolved host names which I can NOT understand being there.
These host names simply no longer exist. They're not in DNS. They're not in host files. And the device names can not possible be equated with the username identified in the traffic via the PAN UA.
How can I find out where these names are being resolved/converted from? I am 100% certain that they are NOT in DNS - I can't PING these devices by name from the PAN device which emails the report to me!
It's not really a huge deal - the report also lists the source IP, which is enough for me to sort out - but it's bugging me that this box is somehow, somewhere finding device names which don't exist any longer 9I should point out that most of them DID exist at some time - the devices have either been retired or renamed).
Thanks to anyone who can shine a light somewhere vaguely in my direction!
They're Active Directory integrated DNS servers - deleting a node in one automatically transfers to the others.
Yes, there are multiple servers - no, the entries don't exist in ANY DNS zone on ANY server. That's why it's driving me nuts trying to figure out where these are coming in to the report from!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!