Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
InfobloxCDC Lookalike Domain match found in your Infoblox TIDE Threat Intelligence. Customize query count, scheduling, responses and more. Modify data sources, types and threat properties as desired. This rule depends on a parser based on a Kusto Function to work as expected called InfobloxCDC.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Infoblox Cloud Data Connector |
| ID | 568730be-b39d-45e3-a392-941e00837d52 |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | Impact |
| Techniques | T1498, T1565 |
| Required Connectors | ThreatIntelligence, CefAma |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
CommonSecurityLog |
DeviceProduct == "Data Connector"DeviceVendor == "Infoblox" |
✓ | ✓ | ? |
ThreatIntelligenceIndicator |
✓ | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Analytic Rules · Back to Infoblox Cloud Data Connector