Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Can lease history be exported to syslog or siem?

Authority
Posts: 22
5589     0

HI Bloxers!

 

This is not at all covered in the documentation, except for using API to export the logs. 

 

Is this possible?

 

The customer is not using reporter either, which I know holds more than the default of 100k entries. 

 

But we need to store past lease history more than 100k entries to syslog in a format which can be later viewed etc.

 

Thanks.

Re: Can lease history be exported to syslog or siem?

Adviser
Posts: 109
5590     0

The Infoblox Reporting solution is ideal for this, but certainly not a requirement. DHCP activity is logged in the syslog and yes, that can be sent to an external syslog server. Refer to the section titled "Using a Syslog Server" in the NIOS Administrators Guide for more details regarding this.

 

Alternatively, the Infoblox Outbound API solution can be used to integrate with a SIEM. For information regarding the Outbound API feature (which does require a separate 'ecosystem' license), refer to the chapter titled "Ecosystem - Outbound Notifications" in the NIOS Administrators Guide.

 

The above is useful for real-time activities. For the DHCP Lease History data, there are export mechanisms that will allow you to export this data in CSV format. You can use the Grid Manager GUI to do this but for continuous management of the lease history data, you would find it more appropriate to use the API. Details can be found in the section titled "Exporting Lease Records" in the NIOS Administrators Guide. In addition to the Infoblox WAPI Reference Guide, you may also find the following community forum post helpful with how to use the API for this process:

 

https://community.infoblox.com/t5/API-Integration/Exporting-lease-history-to-CSV-Using-Curl-API/m-p/...

 

Regards,

Tony

Re: Can lease history be exported to syslog or siem?

Adviser
Posts: 15
5590     0

You may also want to take a look at this:

https://community.infoblox.com/t5/Security/On-demand-DHCP-lease-history-search-from-SIEM/m-p/15696#M...

Check out our new Tech docs website at http://docs.infobox.com for latest documentation on Infoblox products.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin