Sourcetypes for the Splunk Add-on for Infoblox¶
The Splunk Add-on for Infoblox includes the following source types and event types which map the data to the Splunk Common Information Model (CIM).
| Sourcetype | Description | CIM data models |
|---|---|---|
infoblox:audit |
Infoblox Audit logs | Authentication, Change |
infoblox:dhcp |
Infoblox DHCP logs | Network Sessions |
infoblox:dns |
Infoblox DNS logs | Network Resolution (DNS) |
infoblox:threatprotect |
Infoblox Threat Protection logs | Intrusion Detection |