Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

General Security & Cybersecurity Ecosystem


BloxOne TD - Forward Security Events, DNS activity, etc. to SIEM

Posts: 6
1348     0

We would like to get BloxOne Threat Defense events to our cloud SIEM (Sumo Logic). This includes events from Security Activity, DNS Activity, etc. that can be found in BloxOne TD csp portal. 


I found documentation (page 28) below stating that this can be done by forwarding logs via syslog. Am I on the right track? I have doubts that this is what I need as I'm getting info that I need an IB CDC appliance. Can someone assist in clearing my doubt?

Re: BloxOne TD - Forward Security Events, DNS activity, etc. to SIEM

Posts: 69
1349     0

Hello witness777,


The guide you provided shows Infoblox Cloud Data Connector deployment.


This should be what you are looking for. this will allow you to push data from your B1 instance to any SIEM instance so long as they support the standard file formating CEF or LEEF.


with this solution you will also beable to push data via your NIOS hardware appliance if you are running NIOS as well as our BloxOne products.


hope this helps!


Thank you,

Kevin Zettel

Showing results for 
Search instead for 
Did you mean: 

Recommended for You