THE GAME HAS CHANGED

Introducing Infoblox Universal DDI ManagementTM

Watch the launch to discover the new era of management for critical network services. Watch Now

Reporting

Reply

Splunk application for BloxOne Threat Defense - help!
rolboten
New Member
Posts: 2

‎07-09-2019 12:04 AM

3415     0

Hi! I am trying to get the Splunk app, https://splunkbase.splunk.com/app/3850, working in a lab. I have installed Splunk (Free version) 7.2 (also tested 7.3) on a Windows 10 machine. But my dashboard is not populated.

 

I have tried with curl to the API, and it works fine:

curl -k -i -H "Authorization: Token  <token> " "https://csp.infoblox.com/api/dnsdata/v1/dns_event?source=category&t0=1562609321&t1=1562617900&_format=cef" -s

I have followed the instructions for the app, even reinstalled Splunk in different version, as well as multiple restarts of the Splunk app. I have never worked with Splunk before, so I am a bit lost.


This is what the Infoblox Input config looks like

 

ib1.PNG


What do I do wrong? Any tips? The reason I want to try the dashboard is due to Bloxone dosen't have any reporting functions -- which I need, since we don't have a SIEM.

Labels:
Reply
0 Kudos

Re: Splunk application for BloxOne Threat Defense - help!
TTiscareno
Adviser
Posts: 109

‎07-11-2019 04:43 AM

3416     0

Moved: https://community.infoblox.com/t5/removed-posts/re-splunk-application-for-bloxone-threat-defense-help/m-p/17624#U17624

 

Reply
0 Kudos

Re: Splunk application for BloxOne Threat Defense - help!
rolboten
New Member
Posts: 2

‎07-11-2019 04:51 AM

3416     0

Hi! No, I can't find any error messages at all.

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements