Infoblox DDI

Our Integration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai MDR application and we shall get it updated.

ProductSamurai [Local] CollectorSamurai [Cloud] Collector
Infoblox DDIPicture1.svg

This guide describes the steps required to configure an on-premise Infoblox DDI device to send logs to a Samurai Local Collector deployed in your network.

To complete this Integration you will need to:

  1. Ensure correct network connectivity
  2. Perform Grid Configuration
  3. Perform Data Management Configuration

Ensure correct network connectivity

You must ensure the following connectivity requirements are fulfilled:

SourceDestinationPortsDescription
Infoblox DDISamurai Local CollectorTCP/514For log transmission

Perform Grid Configuration

Perform the steps outlined in the vendor documentation to add an external syslog server:

Perform the below settings adjustments. In case a setting property is not referenced below, simply use the default value:

  • Address: Insert the IP address of the Samurai Local Collector.
  • Transport: Select TCP.
  • Node ID: Select Host Name.
  • Severity: Select Info.
  • Logging Category: Select Send selected categories and then enable all logging categories.

notice_icon.png This is performed to enable prefixing of the log messages instead of using the Send all option when configuring Send selected categories.

Perform Data Management Configuration

Perform the steps outlined in the vendor documentation to configure DNS logging categories:

Perform the below settings adjustments. In case a setting property is not referenced below, simply use the default value:

  • Logging Category: Select all the available categories.

For integrations that utilize a Local Collector where we ingest syslog only, you do not need to follow specific steps in the Samurai MDR Application as we auto detect the vendor and product. The only reason you need to use the Samurai MDR Application is if you need to determine the Local Collector IP address. Of course you will still need to ensure the integration is functioning! See Integrations for more information on checking status.