Edit :- This got downvoted. Don’t know why should anyone asking an honest question be marked down. Am I not allowed to ask technical questions in comments section?
Every time a device joins the corp. network, it gets an IP Address (DHCP) and a network name (DNS) from our servers.
RADIUS is the authentication method for wifi. In larger offices you don't just share the same password for all users, but rather set up a RADIUS server that manages individual accounts. So every employee has their own username and password for wifi. Also called WPA2 Enterprise
DNS logs -- logs of name lookups to the internal DNS server, which will include source IP of the DNS lookup (note: UDP, can be spoofed). Look up source IP in DHCP lease table to find hostname and mac address of device on wifi that is assigned that source IP.
RADIUS logs -- RADIUS = AAA server (authorization, authentication, accounting). Basically, a server that answers the question "given these credentials, what resources can this user access?" All new connections to the network will show up in RADIUS logs. As a user, when you have your "own" wifi username and password (e.g. on an access point configured to use WPA Enterprise), usually what happens is the access point asks an external RADIUS server to authenticate the credentials, and then the DHCP server asks the RADIUS server to authorize the user for an IP address assignment.
I didn't downvote you. Perhaps the downvoters did that because they felt your post not interesting enough. Read the guidelines (link at the bottom of the start page), especially:
> On-Topic: Anything that good hackers would find interesting.
Something which is common hacker's knowledge and easily googleable is probably boring.
1) What are DNS logs?
2) What are RADIUS logs?
Would someone be so good as to answer?
Thanks in advance for help you could provide.
Edit :- This got downvoted. Don’t know why should anyone asking an honest question be marked down. Am I not allowed to ask technical questions in comments section?