Infoblox DNS/DHCP
What is Discovered and Monitored
Protocol |
Information discovered |
Metrics collected |
Used for |
---|---|---|---|
SNMP |
Host Name, Hardware model, Serial number, Network Interfaces, Running processes, Installed software |
System CPU utilization, Memory utilization, Disk usage, Disk I/O |
Performance Monitoring |
SNMP |
Process level CPU utilization, Memory utilization |
||
SNMP |
Zone Transfer metrics: For each zone: DNS Responses Sent, Failed DNS Queries, DNS Referrals, Non-existent DNS Record Queries, DNS Non-existent Domain Queries, Recursive DNS Query Received DNS Cluster Replication metrics: DNS Replication Queue Status, Sent Queue From Master, Last Sent Time From Master, Sent Queue To Master, Last Sent Time To Master DNS Performance metrics: NonAuth DNS Query Count, NonAuth Avg DNS Latency, Auth DNS Query Count, Auth Avg DNS Latency, Invalid DNS Port Response, Invalid DNS TXID Response DHCP Performance metrics: Discovers/sec, Requests/Sec, Releases/Sec, Offers/sec, Acks/sec, Nacks/sec, Declines/sec, Informs/sec DDNS Update metrics: DDNS Update Success, DDNS Update Fail, DDNS Update Reject, DDNS Prereq Update Reject, DDNS Update Latency, DDNS Update Timeout DHCP subnet usage metrics: For each DHCP Subnet (addr, mask) - percent used |
Security Monitoring and compliance |
|
SNMP |
Hardware status |
Availability monitoring |
|
SNMP Trap |
Hardware failures, Software failures |
Availability monitoring |
Event Types
In ADMIN > Device Support > Event, search for "infoblox" in the Device Type and Description columns to see the event types associated with this device.
Reports
In RESOURCE > Reports , search for "infoblox" in the Name and Description column to see the reports associated with this application or device.
Configuration
SNMP
FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.
SNMP Trap
FortiSIEM processes events from this device via SNMP traps sent by the device. Configure the device to send send SNMP traps to FortiSIEM as directed in the device's product documentation, and FortiSIEM will parse the contents.
Settings for Access Credentials
SNMP Access Credentials for All Devices
Use these Access Method Definition settings to allow FortiSIEM to communicate with your device over SNMP. Set the Name and Community String.
Setting | Value |
---|---|
Name | <set name> |
Device Type | Generic |
Access Protocol | SNMP |
Community String | <your own> |