Infoblox BloxOne Threat Defense

This application allows you to:
- acquire ActiveTrust / BloxOne Threat Defense Cloud logs using the REST API
- filter them efficiently, with full drill-down support based on time, threat property, threat class, source IP, domain name, query type and much more
- summarize hits by IOCs
- get IOC context from Infoblox Dossier threat intelligence
- prioritize hits based on context
- search and pivot threat intelligence based on the IOCs matched in DNS traffic
- report on BloxOne endpoints deployment

Mandatory requirement: ActiveTrust / BloxOne Threat Defense.
Optional requirement: Dossier, for threat intelligence.

Latest Version 2.3.1
January 30, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
Rating

0

(0)

Support
Not Supported
Categories

Created By

Nicolas Jeanselme

Type

app

Downloads

3,029

Resources
