A sample outbound template to send syslog messages (to a syslog endpoint)

The template logs variables into the debug log and sends a simple syslog message to an endpoint.

{
	"name": "Send syslog",
	"comment": "Send Syslog message",
	"type": "SYSLOG_EVENT",
	"version": "5.0",
	"event_type": ["RPZ", "TUNNEL", "LEASE", "NETWORK_IPV4", "RANGE_IPV4", "FIXED_ADDRESS_IPV4", "HOST_ADDRESS_IPV4", "NETWORK_IPV6", "RANGE_IPV6", "FIXED_ADDRESS_IPV6", "HOST_ADDRESS_IPV6", "DNS_RECORD", "DNS_ZONE"
	],
	"action_type": "Send syslog",
	"content_type": "application/json",
	"vendor_identifier": "Syslog",
	"quoting": "XML",
	"steps": [
		{
			"name": "Debug",
			"operation": "NOP",
			"body": "${XC:DEBUG:{H:}}${XC:DEBUG:{E:}}${XC:DEBUG:{I:}}${XC:DEBUG:{L:}}${XC:DEBUG:{S:}}${XC:DEBUG:{P:}}${XC:DEBUG:{R:}}${XC:DEBUG:{RH:}}${XC:DEBUG:{UT:}}"
		},
		{
			"name": "Send Syslog",
			"operation": "SYSLOG_SEND_EVENT",
			"body": "${E::event_type} ${E::object_type} ${E::operation_type}"
		}

	]
}

 

 

BR,

Vadim
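
A receiver-side check for the messages this template sends, as an added example that is not part of the original post or Infoblox code. It assumes the payload is the three space-separated fields from the "Send Syslog" step body, optionally preceded by a syslog `<PRI>` and header; the function name, the security routing set and all sample lines are constructed for illustration.

```python
import re

# Event types copied from the template's "event_type" list on this page.
TEMPLATE_EVENT_TYPES = {
    "RPZ", "TUNNEL", "LEASE", "NETWORK_IPV4", "RANGE_IPV4",
    "FIXED_ADDRESS_IPV4", "HOST_ADDRESS_IPV4", "NETWORK_IPV6", "RANGE_IPV6",
    "FIXED_ADDRESS_IPV6", "HOST_ADDRESS_IPV6", "DNS_RECORD", "DNS_ZONE",
}
# Assumption: the receiver routes these two event types to a security queue.
SECURITY_EVENT_TYPES = {"RPZ", "TUNNEL"}
PRI_RE = re.compile(r"^<(\d{1,3})>")


def parse_template_message(line):
    """Return a dict for a line matching the template body, else None."""
    line = line.strip()
    pri = None
    m = PRI_RE.match(line)
    if m:
        pri = int(m.group(1))
        if pri > 191:  # highest valid PRI is facility 23 * 8 + severity 7
            return None
        line = line[m.end():]
    tokens = line.split()
    if len(tokens) < 3:
        return None
    # Assumed payload: "event_type object_type operation_type" as last tokens.
    event_type, object_type, operation_type = tokens[-3:]
    if event_type not in TEMPLATE_EVENT_TYPES:
        return None  # unsubstituted variable or a message from another source
    return {
        "facility": None if pri is None else pri >> 3,
        "severity": None if pri is None else pri & 7,
        "event_type": event_type,
        "object_type": object_type,
        "operation_type": operation_type,
        "security": event_type in SECURITY_EVENT_TYPES,
    }


# Constructed sample lines: header layout and field values are made up.
SAMPLES = [
    "<134>Jan  1 00:00:00 gm.example.test outbound: RPZ example_object EXAMPLE_OP",
    "DNS_RECORD example_object EXAMPLE_OP",
    "<134>Jan  1 00:00:00 gm.example.test outbound: ${E::event_type}",
    "<999>RPZ example_object EXAMPLE_OP",
]
```

The third sample shows the case where variable substitution did not happen and the last sample shows an invalid priority value; both are rejected.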
