🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Infoblox Integration Guide

integrations network infoblox


Infoblox should be configured to send logs via syslog to the Taegis™ XDR Collector. Infoblox logs are filtered and correlated for various security event observations. Please follow the instructions in the documentation provided by Infoblox to specify a syslog server.

Firewall Requirements

Source Destination Port/Protocol
Infoblox Appliance Taegis™ XDR Collector (mgmt IP) UDP/514

Data Provided from Integrations

  Auth DHCP DNS File HTTP Management Netflow NIDS Process Thirdparty
InfoBlox (DNS via named process)     D            

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections

Note

Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Logging Configuration Instructions

To configure your Infoblox appliance to send logs to Secureworks® Taegis™ XDR, follow the instructions provided by Infoblox to specify a syslog server in this article.

Consider the following requirements when completing the configuration steps:

Note

Infoblox events are normalized as Secureworks® Taegis™ XDR Sensor Type named.

 

On this page: