member:threatanalytics : Grid member threat analytics object.

To mitigate DNS data exfiltration, Infoblox DNS threat analytics employs analytics algorithms that analyze incoming DNS queries and responses to detect DNS tunneling traffic.

The Grid member threat analytics object contains facilities for starting and stopping the DNS threat analytics routines as well as for monitoring the current status of the threat analytics service.

Object Reference

References to member:threatanalytics are object references.

The name part of the Grid member threat analytics object reference has the following components:

• The Grid member host name

Example:

member:threatanalytics/ ZG5zLm9wdGlvbl9kZWZpbml0aW9uJGluZm8uLmZhbHNlLjI1Mg:hostname.com

Restrictions

The object does not support the following operations:

• Create (insert)
• Delete
• Global search (searches via the search object)
• CSV export

The object cannot be managed on Cloud Platform members.

Fields

These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.

The basic version of the object contains the field(s): host_name, ipv4_address, ipv6_address, status.

comment

comment

The Grid member descriptive comment.

Type

String.

Search

The field is available for search via

• ‘:=’ (case insensitive search)
• ‘=’ (exact equality)
• ‘~=’ (regular expression)

Notes

The comment cannot be updated.

comment cannot be written.

enable_service

enable_service

Determines whether the threat analytics service is enabled.

Type

Bool.

Create

The default value is False.

Search

The field is not available for search.

host_name

host_name

The Grid member host name.

Type

String.

Search

The field is available for search via

• ‘:=’ (case insensitive search)
• ‘=’ (exact equality)
• ‘~=’ (regular expression)

Notes

The host_name is part of the base object.

The host_name cannot be updated.

host_name cannot be written.

ipv4_address

ipv4_address

The IPv4 Address address of the Grid member.

Type

String.

Search

The field is available for search via

• ‘=’ (exact equality)
• ‘~=’ (regular expression)

Notes

The ipv4_address is part of the base object.

The ipv4_address cannot be updated.

ipv4_address cannot be written.

ipv6_address

ipv6_address

The IPv6 Address address of the Grid member.

Type

String.

Search

The field is available for search via

• ‘=’ (exact equality)
• ‘~=’ (regular expression)

Notes

The ipv6_address is part of the base object.

The ipv6_address cannot be updated.

ipv6_address cannot be written.

status

status

The Grid member threat analytics status.

Type

String.

Valid values are:

• FAILED
• INACTIVE
• UNKNOWN
• WARNING
• WORKING

Search

The field is not available for search.

Notes

The status is part of the base object.

The status cannot be updated.

status cannot be written.

Fields List

Field	Type	Req	R/O	Base	Search
comment	String	N	Y	N	: = ~
enable_service	Bool	N	N	N	N/A
host_name	String	N	Y	Y	: = ~
ipv4_address	String	N	Y	Y	= ~
ipv6_address	String	N	Y	Y	= ~
status	String	N	Y	Y	N/A