You can configure a Data Connector traffic flow that sends and receives data according to your business needs. Data Connector collects specified data, converts it into a specific format, and sends it to supported destinations.

...

Sources

Data Types

Format

Destinations

NIOS

  • RPZ Log

  • For a generic syslog, CEF (Common Event Format) and LEEF (Log Event Extended Format) are supported.

  • For Splunk and Splunk Cloud, Infoblox Legacy and Splunk CIM formats are supported.

  • For NIOS Reporting, the CSV format is supported.

  • For Threat Insight, Parquet files via gRPC streaming are supported.

  • Only one traffic flow is supported for the Syslog, Splunk, Splunk Cloud, or NIOS Reporting destination.

  • BloxOne Threat Defense Cloud

  • Syslog (generic)

  • Splunk

  • Splunk Cloud

  • NIOS Reporting

NIOS

  • RPZ Log

  • IPAM Metadata

  • Parquet files via gRPC streaming

  • The NIOS IPMeta configuration flow to a BloxOne destination requires at least 16 GB of RAM on hosts where ipmeta flows are configured. If DB objects are updated more frequently, the RAM size needs to be increased further based on the DB size. It can be doubled from the previous memory resource limit (i.e., 16 * 2 = 32 GB).

BloxOne Threat Defense Cloud

BloxOne Threat Defense

  • Threat Defense Query/Response Log

  • Threat Defense Threat Feeds Hits Log

  • Audit Log

  • Internal Notifications

Streaming of data is close to real time.

For a generic syslog, CEF (Common Event Format) and LEEF (Log Event Extended Format) are supported.

For Splunk and Splunk Cloud, Infoblox Legacy and Splunk CIM formats are supported.

For NIOS Reporting, the CSV format is supported.

Only one traffic flow is supported for the Syslog, Splunk, Splunk Cloud, or NIOS Reporting destination.

  • Syslog (generic)

  • Splunk

  • Splunk Cloud

  • NIOS Reporting

BloxOne DDI

DNS Query/Response Log

For a generic syslog, CEF (Common Event Format) and LEEF (Log Event Extended Format) are supported.

For Splunk and Splunk Cloud, Infoblox Legacy and Splunk CIM formats are supported.

For NIOS Reporting, the CSV format is supported.

Only one traffic flow is supported for the Syslog, Splunk, Splunk Cloud, or NIOS Reporting destination.

  • Syslog (generic)

  • Splunk

  • Splunk Cloud

  • NIOS Reporting

BloxOne DDI

  • DHCP Lease Log

For a generic syslog, CEF (Common Event Format) and LEEF (Log Event Extended Format) are supported. DHCP-enriched logs, including certain metadata, are sent in the CEF and LEEF formats.

For Splunk and Splunk Cloud, Infoblox Legacy and Splunk CIM formats are supported.

  • Syslog (generic)

  • Splunk

  • Splunk Cloud

  • NIOS Reporting

...

  • NAME: The name of the source configuration.

  • DESCRIPTION: The information about the source configuration.

  • SOURCE: The filter criterion for the source process.

  • DESTINATION: The destination for the traffic flow.

  • LAST DELIVERED: Date and time of last traffic flow delivery.

  • ETL CONFIGURATION: The description of the ETL configuration type.

  • SERVICE INSTANCE: The name of the service instance.

  • STATE: An indication of whether the configuration is enabled or disabled.

  • STATUS: The current status of the traffic flow.
    The following status types are reported:

    • Active: A data pull is currently in progress.

    • Review Details: Review the details for the data pull.

    • Completed: A data pull has been completed on date and time.

    • Scheduled: A data pull is scheduled for date and time.

    • Disabled: A data pull has been disabled.

...