Infoblox BloxOne Threat Defense
  • 14 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

Infoblox BloxOne Threat Defense

  • Dark
    Light

Article summary

The Infoblox BloxOne Platform uses AI and algorithms to track DNS threat actors and their activity. Infoblox enables you to deliver DNS services across physical, virtual and cloud environments at scale for simplified DevOps and faster speed to market.  More information can be found at Infoblox website.

Integration Method: API

Tables: DNS Activity (4003), Detection Finding (2004)

This integration supports the following events.

Event

Description

DNS Events

Gives a list of DNS security policy hits.

Threat Feeds

Gives the information on all threat feed objects on the account.

This integration supports the following versions.

Infoblox BloxOne Threat Defense API version

Threat Feeds - v1.0
DNS Event - v2.0

Prerequisites

  • The user should have access to the Infoblox Bloxone Cloud Portal with Admin privileges for creating API keys.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate a API key for the created user on the Infoblox BloxOne cloud portal.

  2. Add the Infoblox BloxOne threat defense feed integration in the DataBee console with the required API token.

    DataBee Parameter

    Infoblox Parameter

    Token

    API Key

Infoblox BloxOne Configuration

Start by creating an API Token for the integration.

  1. Login to your Infoblox BloxOne cloud service portal which has admin privileges.

    A screenshot of a computer  AI-generated content may be incorrect.

  2. In the upper-right corner, hover to your name and then select Profile.
     A screenshot of a computer  AI-generated content may be incorrect.

  3. Click the User API Keys tab on the top and click Create to generate an API key.
     A screenshot of a computer  AI-generated content may be incorrect.

  4. In the pop-up specify the ‘Name’ and ‘Expires at’ date. Ensure that the expiration date is set to a later date in future as much as possible from the day you created this API key. Click on Apply and then click Save & Close button.
     A screenshot of a calendar  AI-generated content may be incorrect.

  5. You will see an “API Access Key Generated” on the top of the screen. Please make sure you copy and keep it on the trusted platform.
     A screenshot of a computer  AI-generated content may be incorrect.

    Note:

    Make sure to copy and save API Key as it will not be shown again.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

     A screenshot of a computer  AI-generated content may be incorrect.

  2. Search for the Infoblox BloxOne Threat Defense and click it as shown below.
     A screenshot of a computer  AI-generated content may be incorrect.

  3. Click on the API Ingest option for collection method as shown below.
     A screenshot of a computer  AI-generated content may be incorrect.

  4. Enter feed contact information and click Next.
     A screenshot of a computer  AI-generated content may be incorrect.

  5. In the configuration page, confirm the following:

  • API Base URL: this is the base URL that DataBee will interact with.

  • Authorization Method: Bearer Token

  • Token: paste the API Key generated earlier in the Infoblox console.

  • Event types: preselected for all the event types that integration pulls.

A screenshot of a computer  AI-generated content may be incorrect.

  1. Click Submit.

Troubleshooting Tips

  • Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • Ensure the Infoblox BloxOne scopes/permissions are correct.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence