Skip to main content

Infoblox DDI

  • Updated

Our Integration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai Help Center and we shall get it updated.

Product

Samurai [Local] Collector

Samurai [Cloud] Collector
Infoblox DDI

Picture1.svg

  
 

 

This guide describes the steps required to configure an on-premise Infoblox DDI device to send logs to a Samurai Local Collector deployed in your network.

To complete this Integration you will need to:

  1. Ensure correct network connectivity
  2. Perform Grid Configuration
  3. Perform Data Management Configuration

Ensure correct network connectivity

You must ensure the following connectivity requirements are fulfilled:

Source Destination Ports Description
Infoblox DDI
 Samurai Local Collector TCP/514 For log transmission

 

Perform Grid Configuration

Perform the steps outlined in the vendor documentation to add an external syslog server:

Perform the below settings adjustments. In case a setting property is not referenced below, simply use the default value:

  • Address: Insert the IP address of the Samurai Local Collector.
  • Transport: Select TCP.
  • Node ID: Select Host Name.
  • Severity: Select Info.
  • Logging Category: Select Send selected categories and then enable all logging categories.

notice_icon.png This is performed to enable prefixing of the log messages instead of using the Send all option when configuring Send selected categories.

 

Perform Data Management Configuration

Perform the steps outlined in the vendor documentation to configure DNS logging categories:

Perform the below settings adjustments. In case a setting property is not referenced below, simply use the default value:

  • Logging Category: Select all the available categories.

For integrations that utilize a Local Collector where we ingest syslog only, you do not need to follow specific steps in the Samurai MDR Application as we auto detect the vendor and product. The only reason you need to use the Samurai MDR Application is if you need to determine the Local Collector IP address. Of course you will still need to ensure the integration is functioning!  See Integrations for more information on checking status.

 

 

Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles

Comments

0 comments

Article is closed for comments.