Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

Best Practices

cloud.jpeg

Splunk application for ActiveTrust Cloud

NJeanselme
Adviser
Posts: 15
NJeanselme

Splunk application for ActiveTrust Cloud

Adviser on ‎01-10-2018 10:20 PM ‎07-11-2022 09:53 AM Community Manager

Hello,

 

I have just published a Splunk application for ActiveTrust Cloud.

 

This application allows to:
- get ActiveTrust Cloud logs into Splunk using the REST API introduced with ATC 2.0
- filter it efficiently with full drill down support based on the time, threat property, threat class, source IP, domain name, query type and much more
- get context from Infoblox Dossier threat intelligence.

 

Mandatory requires ActiveTrust Cloud.
Optionally requires Dossier for threat intelligence

 

https://splunkbase.splunk.com/app/3850/

 

Some screenshots

0.png

 

1.png

2.png

4.png

5.png

 

Any feedback welcome.

 

Regards

 

Nicolas

Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: