Windows DHCP via Elasticsearch Filebeat

Cortex Cloud Runtime Security Documentation

Product: Cortex Cloud Application Security > Cortex CLOUD
License: Cloud Runtime Security
Creation date: 2024-12-24
Last date published: 2026-06-04
Category: Administrator Guide

Abstract: Learn more about the Windows DHCP Standard Collector and content pack integrations in Cortex Cloud.

You can collect Windows DHCP logs using either a Standard Collector or a content pack integration:

| Windows DHCP vendor | Description |
| --- | --- |
| Standard Collector (basic) overview | Forward Windows DHCP logs to Cortex Cloud using Elasticsearch Filebeat with the Windows DHCP data source. |
| Link to Standard Collector instructions | Ingest logs from Windows DHCP using Elasticsearch Filebeat |
| Link to content pack details | The Microsoft DHCP content pack processes and normalizes audit logs from the Dynamic Host Configuration Protocol (DHCP) service for security analysis in Cortex Cloud. It includes modeling rules and parsing rules for events collected using the XDR Collector via the microsoft_dhcp_raw dataset. |