...
You can configure Insight notifications to be viewed in the Cloud Services Infoblox Portal (in-application), and/or have notifications sent to an email recipient address of your choice in the Cloud Services the Infoblox Portal, Insight notifications can be viewed on the notifications page in the Cloud Services the Infoblox Portal.
| Infoblox Threat Defense - Insight Alert Update One or more domains have been added to this Insight Outlier.
| |
|---|---|
| Fields | Availability |
| Threat Type: <Major Attack> | IN-APPLICATION, EMAIL |
| Threat Class(s): <TI-MAJTHREAT> | IN-APPLICATION, EMAIL |
| Most recent event: <2023-06-27 08:38:10 +0000 UTC> | IN-APPLICATION, EMAIL |
| Threat Level: <high> | IN-APPLICATION, EMAIL |
| Ckick the link to go to the SOC Insights dashboard | IN-APPLICATION only |
Sample App/
...
Infoblox Portal Notification
The following is a sample app/Cloud Services Portal Infoblox Portal notification. Notifications for new assets and indicators are generated, as well.
...
Alerting settings can be changed by highlighting your logged-in Name & User Profile > Notifications in the Cloud Services the Infoblox Portal.
Go to the Insight Reporting Dashboard for details.
Image: A sample In-App Insight notification.
...
| Domain Notifications | |
|---|---|
| Fields | Description |
| Detection Class | The detection class of the domain triggering the detection |
| Detection Family | The detection family of the domain triggering the detection |
| Threat Indicator | The lookalike domain which triggered the detection |
| Target | The original domain |
Image: A sample In-App Domain notification.
Sample email notification (Domain)
Image: A sample, system-generated email notification.