Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

General Security & Cybersecurity Ecosystem


Infoblox Integration with Splunk Phantom

[ Edited ]
Posts: 17
2144     1

We are excited to announce a new Infoblox® integration with Splunk’s Security Automation and Orchestration platform named Phantom.


Infoblox with Splunk Phantom allows security and incident response teams to leverage the power of a SOAR platform paired with powerful Threat Insight, Event Metadata and granular network control. Infoblox’s Dossier™, DDI, and DNS security offerings empower Splunk Phantom’s ability to locate malicious URLs, eradicate threats, and prevent access to dangerous domains. In summary, this integration allows for powerful automation and therefore maximizes the ROI of both products.


For more information regarding capabilities and configuration of the Infoblox and Splunk Phantom integration, please view the video below:



This integration is provided “as is”. Any changes to your network should be fully tested before deploying into a production environment.


The Infoblox DDI and Dossier apps support a wide variety of actions within Phantom. These actions can be utilized in Phantom playbooks or run on relevant objects.


List of supported actions by app:



Infoblox DDI

list hosts

list rpz

block domain

unblock domain

block ip

unblock ip

get system info

update property

list network view

test connectivity


lookup url

lookup hash

lookup ip

lookup domain

test connectivity


The integration requires the extensible attribute described in the table below:

Extensible Attribute



Attaches an id to an object that corresponds to an event.


For more in depth information on the Infoblox and Splunk Phantom integration, please view the Infoblox Integration with Splunk Phantom - Deployment Guide.


Comments, Questions, or feedback are welcome.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You