SIEM Integration with Data Export
All your critical data where you need it
Data Export transmits DNS traffic data out of the DNSFilter platform to external services for storage or further processing and analysis. You can also automate the manual process of exporting query log data, analyze trends and patterns in one location, and automatically retrieve and retain logs for whatever length of time is supported by your SIEM or SOAR
With our Data Export feature, you can directly import DNSFilter data to all SIEMs that can use the HTTP Event Collector (HEC) or Amazon S3. Customers can export query log data to be utilized by a Security Identification and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), or other tools of their choice. Exporting DNSFilter data allows an organization to aggregate relevant data from multiple sources and then take action.
The ability to extract raw DNS query data from DNSFilter opens a whole new world of custom integrations and data analysis that can help customers with decision making, network troubleshooting, and building extensions for DNSFilter.
Frequently Asked Questions
WHAT IS DATA EXPORT?
Our Data export feature allows users to export query log data to be utilized by a Security Information and Event Management (SIEM) or other tool of their choice. Exporting DNSFilter data allows an organization to aggregate relevant data from multiple sources and then take action.
WHAT INTEGRATIONS ARE SUPPORTED?
DNSFilter's Data Export supports Amazon S3 buckets and also Splunk. Many SIEMs are able to pull data from an S3 bucket enabling many tools to access the exported data from DNSFilter.