Is there a way for me to identify the difference between isc:bind:query logs and infoblox:dns?

New Member
Posts: 2

I am trying to route the logs into Cribl to be forwarded on to Splunk. I was hoping there was a flag in the log that I can use to differentiate between the two different logs. I assume there has to be, right?

Re: Is there a way for me to identify the difference between isc:bind:query logs and infoblox:dns?


Just to be a little more clear: is there a flag in the syslog from Infoblox that will allow me to sort the events into two different sourcetypes: isc:bind:query logs and infoblox:dns?
