Versions Compared

Old Version 21

changes.mady.by.user Alex Mandel

Saved on

compared with

New Version Current

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

BloxOne Infoblox Platform security logs track security events generated by supported applications. Use these logs to monitor security events and gain deeper insight into the security and safety of your network.

To view the security logs, do the following:

  1. In the Cloud Services Infoblox Portal, click Administration Monitor > Logs > Security Logs

  2. On the Security Logs page, click Display Recent to display the most recent 100 security events.
    or
    Click

    the Filter icon

    to activate the filtering feature, and then click

    the Add icon

    to configure your filter.
    From the Basic Columns menu, choose the filtering criterion you want to add. For example, if you choose Timestamp, select an applicable timeline within which you want to filter the results, using the calendar provided. To add more filtering criteria, click

    the Add icon

    again to add another criterion. When you are done, click

    The Run iconImage Modified

    to filter the events.
    You can also click

    the Delete icon

    to remove the filter you just created. If you want to use the same criteria for future filtering, you can save the filter by clicking

    the Save icon

    and entering a name for the filter. You can then click

    the Star icon

    to find the saved filter in the future without setting the filtering criteria again.

...

  • Timestamp: The UTC timestamp for the time the event was logged.

  • User: The user account that triggered the event.

  • App: The BloxOne Infoblox Platform application source that generated the event. The following sources are supported:

    • identity: Identity and Access Management Service.

    • ngnix: The NGNIX or Apache web server.

  • Security Event Type: The security event type. The following are supported types and their descriptions:

...

  • TIMESTAMP: The UTC timestamp for the time the event was logged

  • USER: The user account that triggered the event

  • APP: The BloxOne Infoblox Platform application source that generated the event. The following sources are supported:

    • identity: Identity and Access Management Service.

    • ngnix: The NGNIX or Apache web server.

  • SECURITY EVENT TYPE: The security event type. Refer to the event table on this page.

  • DOMAIN: The name of the domain from which the security event was generated

  • JWT: The JSON web token used to securely transmit the request.

  • REMOTE ADDRESS: The IP address used in the JSON web token.

  • REQUEST: The API request for the security event.

  • STATUS: The status of the API request for the security event.

  • USER EMAIL: The email address of the user account that triggered the event.

...

  • Sort events in ascending or descending order: Click the Sort by menu, choose the column by which you want to sort the events, and then use the up and down arrows.

  • View the security events that match a specific keyword: In the Search text box, enter a keyword that you want to search on. The Cloud Services Infoblox Portal will show the events that match the keyword.