Skip to content

Infoblox DNS

Infoblox delivers essential technology to enable customers to manage, control and optimize DNS, DHCP, and IPAM. Chronicle has the ability to ingest Infoblox log information and stitch together data for assets based on hostname and/or IP address. This section will cover how to configure syslog settings on Infoblox to point to an external syslog server. These instructions will push the syslog configuration for the Grid Wide level.

Chronicle Data Types

  • INFOBLOX
  • INFOBLOX_DNS
  • INFOBLOX_DHCP

Configuration

  1. From the Grid tab, Grid > Grid Manager > Members
  2. Click Grid Properties > Edit in the right hand Toolbar
  3. Select the Monitoring tab
  4. Check the Log to External Syslog Servers box
  5. Click the + icon of the External Syslog Servers table

  6. Enter the following information for the external syslog server:

    Setting Value
    Address IP address of CYCLOPS appliance
    Transport TCP
    Interface Any
    Node ID IP and Host Name
    Source Any
    Severity info
    Port Port provided by Cyderes
    Logging Category Send all
    Copy Audit Log Messages to Syslog Select this option
    Syslog Facility Take default value provided

  7. Select Save & Close to save the configuration

  8. Click Restart if it appears at the top of the screen