| Table of Contents | ||||
|---|---|---|---|---|
|
...
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as ddi.infoblox. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
|---|---|---|---|
ddi | infoblox |
|
|
|
| ||
|
| ||
|
|
...
Tag | Data table |
|---|---|
ddi.infoblox.audit.serialconsole | ddi.infoblox.audit.serialconsole |
ddi.infoblox.audit.sshd | ddi.infoblox.audit.sshd |
ddi.infoblox.audit.httpd | ddi.infoblox.audit.httpd |
ddi.infoblox.dhcp.dhcpd | ddi.infoblox.dhcp.dhcpd |
ddi.infoblox.dhcp.validate_dhcpd | ddi.infoblox.dhcp.validate_dhcpd |
ddi.infoblox.dns.general | ddi.infoblox.dns.general |
ddi.infoblox.dns.client | ddi.infoblox.dns.client |
ddi.infoblox.dns.config | ddi.infoblox.dns.config |
ddi.infoblox.dns.database | ddi.infoblox.dns.database |
ddi.infoblox.dns.dtc | ddi.infoblox.dns.dtc |
ddi.infoblox.dns.lame-servers | ddi.infoblox.dns.lameServers |
ddi.infoblox.dns.network | ddi.infoblox.dns.network |
ddi.infoblox.dns.notify | ddi.infoblox.dns.notify |
ddi.infoblox.dns.queries | ddi.infoblox.dns.queries |
ddi.infoblox.dns.rate-limit | ddi.infoblox.dns.rateLimit |
ddi.infoblox.dns.resolver | ddi.infoblox.dns.resolver |
ddi.infoblox.dns.infoblox-responses | ddi.infoblox.dns.infobloxResponses |
ddi.infoblox.dns.rpz | ddi.infoblox.dns.rpz |
ddi.infoblox.dns.security | ddi.infoblox.dns.security |
ddi.infoblox.dns.xfer-in | ddi.infoblox.dns.xferIn |
ddi.infoblox.dns.xfer-out | ddi.infoblox.dns.xferOut |
ddi.infoblox.dns.unknown | ddi.infoblox.dns.unknown |
ddi.infoblox.dns.update | ddi.infoblox.dns.update |
ddi.infoblox.dns.update-security | ddi.infoblox.dns.updateSecurity |
ddi.infoblox.nios.ntpd | ddi.infoblox.nios.ntpd |
ddi.infoblox.nios.ntpdate | ddi.infoblox.nios.ntpdate |
ddi.infoblox.nios.monitor | ddi.infoblox.nios.monitor |
ddi.infoblox.nios.syslog-ng | ddi.infoblox.nios.syslogNg |
ddi.infoblox.nios.rabbitmq_control | ddi.infoblox.nios.rabbitmq_control |
ddi.infoblox.unknown.unknown | ddi.infoblox.unknown.unknown |
How is the data sent to Devo?
Set up the Devo relay rules
...
Infoblox DNS Logging Categories | Relay rule names | |||
DDI Infoblox - DNS Categories | DDI Infoblox - DNS Category DTC 1 | DDI Infoblox - DNS Category DTC 2 | DDI Infoblox - unknown DNS Categories | |
general | ✓ | |||
client | ✓ | |||
config | ✓ | |||
database | ✓ | |||
dnssec | ✓ | |||
lame servers | ✓ | |||
network | ✓ | |||
notify | ✓ | |||
queries | ✓ | |||
rate-limit | ✓ | |||
resolver | ✓ | |||
responses | ✓ | |||
rpz | ✓ | |||
security | ✓ | |||
transfer-in | ✓ | |||
transfer-out | ✓ | |||
update | ✓ | |||
update-security | ✓ | |||
DTC load balancing | ✓ | |||
DTC health monitors | ✓ | |||
RulesRelay screenshot | |
|---|---|
DDI Infoblox - DNS Categories
|  |
DDI Infoblox - DNS Category DTC 2
 | |
DDI Infoblox - unknown DNS Categories
|  |
DDI Infoblox - DNS Category DTC 1
 |
Infoblox - DHCP
Rules | Relay screenshot |
|---|---|
DDI Infoblox - DHCP
 |
Infoblox - NIOS
Rules | Relay screenshot |
|---|---|
DDI Infoblox - NIOS
 |
Infoblox - Audit
Rules | Relay screenshot |
|---|---|
DDI Infoblox - AUDIT
 |
Infoblox - unknown
Rules | Relay screenshot |
|---|---|
DDI Infoblox - unknown
 |
Configure Infoblox NIOS to send logs to the Relay
...
Select Data Management tab
Select the DNS tab
Click Grid DNS Properties from the Toolbar
Enable de Advanced Mode by clicking on “Toggle Expert Mode” if the editor is in the basic mode.
Select the Logging tab
Select the Logging Categories you would like to send to Devo.
Save & Close
| Note |
|---|
Enabling some logging categories can increase disk space usage and adversely affect DNS services and performance. Check with Infoblox whether you are recommended to logging some of these categories. |
...
After saving the changes, you may be prompted to restart the DNS service for the changes to take effect.
...