Document toolboxDocument toolbox

Configuring Log Export

Owned by Shirly Tsang
Last updated: Sept 06, 2024 by Gary Leicht
2 min read

To export logs, complete the following:

  1. Log in to Infoblox Portal.

  2. Go to Configure > Administration > Log Export.

  3. On the Log Export page, complete the following:

Step 1: Select the checkboxes of the logs that you want to receive in your S3 bucket.

  • Response logs: These logs contain information about the DNS queries and responses sent to Infoblox Platform through DNS Firewall and the Infoblox Data Connector, provided that they are set up and configured properly.

  • RPZ logs: These logs contain information related to the RPZ hits for all clients and policies. You will receive RPZ logs only if you have set up the DNS Firewall service for your on-prem Infoblox appliances.

  • IP metadata: These are IPAM (IP Address Management) data related to the DNS zones and records that have been created, modified, or deleted through your Infoblox NIOS and virtual NIOS appliances. This information is channeled through the Infoblox Data Connector. Ensure that you have set up the Data Connector in your network infrastructure to receive these logs.

  • DDI DHCP logs: These logs contain information about DHCP requests and responses sent to Universal DDI and Data Connector provided that they are set up and configured properly.

  • DDI DNS logs: These logs contain information about DNS queries and responses sent to Universal DDI and Data Connector provided that they are set up and configured properly.

  • Security logs: Security logs contain security-related events in the system. These logs include: app source, user, event types (such as unsuccessful login), and date/time event information.

Step 2: Enter the name of your S3 bucket with which you want Infoblox Platform to synchronize log data. Infoblox Platform uses the following URL format:

s3://<bucketname>/
where <bucketname> = The S3 bucket name.

Note that Infoblox Platform validates the bucket name to ensure that it is unique. You might need to change the bucket name if Infoblox Platform detects a duplicate bucket name.

Step 3: Click Export to save your configuration and have Infoblox Platform start sending the log data to your S3 bucket. Once you click Export, the button toggles to Disable.