Showing results for 
Search instead for 
Did you mean: 

Data Source with Dynamic IP

Hi SIEM specialists,

I have a hard time solving problem with data sources, that do not have a static IP or DHCP reservation. These machines could change their IP address anytime and I am not able to manually change the data sources every time it happens.

Basically, I have two types - syslog data sources and WMI Event logs. Both of them could change IP address.

The only thing I can think of is defining the log source using a fqdn instead of IP, but this seems impossible.

Any other ideas how to cover log sources with dynamic IPs?