Versions Compared

Version Old Version 8 New Version 9
Changes made by

Gary Leicht

Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. After successfully completing the configuration for the Data Connector VM, you can log in to the NIOS Grid and enable the Grid to start capturing DNS queries and/or DNS responses to be sent to the Data Connector VM. For more information, see Configuring DNS Queries and ResponsesConfiguring DNS Queries and Responses.
  2. You must also add the IP address of the Data Connector VM and the user credentials of the SCP user to the Logging tab -Advanced tab of the Grid DNS Properties editor. For more information, refer to the Infoblox NIOS Administrator Guide.
    Note: You must add user credentials of only superuser administrators.

  3. For Reporting destinations, use the following command to register the Data Connector VM with the Grid Master:

    data.destination.reporting.registration > register
    Getting Grid Data Connector information... done.
    Generating certificate for Splunk forwarder... done.
    Signing Splunk forwarder certificate with the Grid... done.
    Registering Data Connector with the Grid... done.
    Saving changes to database... done.

...

  1. Connect to the CLI using the following command:

    ssh admin@vm_ip_address -p 2020
    admin@<vm_ip_address>'s password: password

    Name:           DataConnector

    Version:        3.0.0-371818

    Infoblox Data Connector Virtual Machine
    In the above command, the variable vm_ip_address is the IP address of the Data Connector VM. You can get the IP address from the VM console on the VMware ESXi server. The default username is admin and the default password is infoblox. 

  2. Configure the data source for the Data Connector VM to collect DNS query and response data. Next, configure relevant output destinations. An output destination can be a Reporting member, an BloxOne Threat Defense Cloud, or a SIEM tool. For more information about configuring the source and Reporting destination for a Data Connector VM, see Configuring Reporting Destination. For more information about configuring the source and Infoblox BloxOne Threat Defense Cloud destination, see Configuring BloxOne Threat Defense Cloud Destination. To configure the source and Splunk destination, see Configuring Splunk Destination. For more information about configuring the source and IBM QRadar SIEM tool, see Configuring Data Connector for IBM QRadar. To configure the source and McAfee ESM, see Configuring Data Connector for McAfee ESM. For more information about configuring the source and Micro Focus ArcSight ESM, see Configuring Data Connector for Micro Focus ArcSight ESM.
  3. Add SCP user details on the Grid members to allow them to upload files to the Data Connector VM. For information, see Configuring Data Connector for NIOS..
  4. Configure Data Connector VM for output destination. For more information about configuring the source and Reporting destination for a Data Connector VM, see Configuring Reporting Destination. For more information about configuring the source and BloxOne Threat Defense Cloud destination, see Configuring BloxOne Threat Defense Cloud Destination. To configure the source and Splunk destination, see Configuring Splunk Destination. For more information about configuring the source and IBM QRadar destination, see Configuring Data Connector for IBM QRadar. To configure the source and McAfee ESM, see Configuring Data Connector for McAfee ESM. For more information about configuring the source and Micro Focus ArcSight ESM, see Configuring Data Connector for Micro Focus ArcSight ESM.