member:threatinsight : Grid member threat insight object.¶
To mitigate DNS data exfiltration, Infoblox DNS threat insight employs analytics algorithms that analyze incoming DNS queries and responses to detect DNS tunneling traffic.
The Grid member threat insight object contains facilities for starting and stopping the DNS threat insight routines as well as for monitoring the current status of the threat insight service.
Object Reference¶
References to member:threatinsight are object references.
The name part of the Grid member threat insight object reference has the following components:
The Grid member host name
- Example:
member:threatinsight/ ZG5zLm9wdGlvbl9kZWZpbml0aW9uJGluZm8uLmZhbHNlLjI1Mg:hostname.com
Restrictions¶
The object does not support the following operations:
Create (insert)
Delete
Global search (searches via the search object)
CSV export
The object cannot be managed on Cloud Platform members.
Fields¶
These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.
The basic version of the object contains the field(s): host_name, ipv4_address, ipv6_address, status.
comment¶
- comment¶
The Grid member descriptive comment.
Type
String.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
‘:=’ (case insensitive search)
Notes
The comment cannot be updated.
comment cannot be written.
enable_service¶
- enable_service¶
Determines whether the threat insight service is enabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
host_name¶
- host_name¶
The Grid member host name.
Type
String.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
‘:=’ (case insensitive search)
Notes
The host_name is part of the base object.
The host_name cannot be updated.
host_name cannot be written.
ipv4_address¶
- ipv4_address¶
The IPv4 Address address of the Grid member.
Type
String.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
Notes
The ipv4_address is part of the base object.
The ipv4_address cannot be updated.
ipv4_address cannot be written.
ipv6_address¶
- ipv6_address¶
The IPv6 Address address of the Grid member.
Type
String.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
Notes
The ipv6_address is part of the base object.
The ipv6_address cannot be updated.
ipv6_address cannot be written.
status¶
- status¶
The Grid member threat insight status.
Type
String.
- Valid values are:
FAILED
INACTIVE
UNKNOWN
WARNING
WORKING
Search
The field is not available for search.
Notes
The status is part of the base object.
The status cannot be updated.
status cannot be written.
Fields List¶
Field |
Type |
Req |
R/O |
Base |
Search |
|---|---|---|---|---|---|
comment |
String |
N |
Y |
N |
: = ~ |
enable_service |
Bool |
N |
N |
N |
N/A |
host_name |
String |
N |
Y |
Y |
: = ~ |
ipv4_address |
String |
N |
Y |
Y |
= ~ |
ipv6_address |
String |
N |
Y |
Y |
= ~ |
status |
String |
N |
Y |
Y |
N/A |
