
Splunk application for ActiveTrust Cloud

Hello,

 

I have just published a Splunk application for ActiveTrust Cloud.

 

This application allows you to:
- get ActiveTrust Cloud logs into Splunk using the REST API introduced with ATC 2.0
- filter them efficiently with full drill-down support based on the time, threat property, threat class, source IP, domain name, query type and much more
- get context from Infoblox Dossier threat intelligence.

 

Requires ActiveTrust Cloud (mandatory).
Optionally requires Dossier for threat intelligence.

 

https://splunkbase.splunk.com/app/3850/

 


 

Any feedback is welcome.

 

Regards

 

Nicolas
