Versions Compared

Old Version 80

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version Current

changes.mady.by.user Alex Mandel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

TIDE data can be uploaded to a profile associated with an account. Data policies are used to control access to your organization's data and can be specified when the data is submitted. Data policies allow your organization to control how its submitted data is shared with other organizations or groups.

Data profiles are used to identify data in the Cloud Services the Infoblox Portal from one or many data submissions and control who can access the data. A data profile must be specified when data is submitted and is associated with a policy, which controls who can access the data. 

...

Users can submit threat indicators by using the Cloud Services the Infoblox Portal or the TIDE Data API. To submit data, the following is required:

1. A data profile: Data profiles are associated with policies, which control who has access to your organization’s data, and they must be specified when data is submitted. When a data profile is created, it must be associated with a policy. Subscribers of BloxOne Infoblox Threat Defense Advanced can create custom profiles that allow the use of custom-generated TIDE RPZ feeds that are based on an organization's requirements. When creating your own TIDE BYOF RPZ feeds for use with NIOS, keep in mind the practical limits of your NIOS system and its ability to ingest large amounts of data contained within only one RPZ feed. For details, see Creating Data Profiles.
2. Choose a fileSupported file formats include XML, JSON and comma/tab/pipe-separated values. Data files must follow the BloxOne Threat Defense API Guidelines for file and record-level fields. Records must contain a recognized threat class or property. For information, see Submitting TIDE Data

Users can submit data as JSON, CSV, XML, and TSV (tab-separated values). For all data formats, the submitted data must identify the data/record type in addition to the list of data records. For CSV and TSV, the record type must be provided as one of the columns. For JSON and XML, the record type is defined in a separate top-level field. The record type field can have one of the following values: “host”, “ip”, or “url”. It is not possible to upload data using different profiles or different record types in the same file. Threat data consists of file-level fields and record-level fields. The following table contains descriptions of all available fields:

...