SPLUNK

Place BlueCat service points between your existing internal DNS resolution system and endpoints to pass query data to Splunk for further analysis.

This integration places BlueCat service points between the existing internal DNS resolution system and end points, passing the query data to Splunk, where it can be further analyzed and correlated with other network service data . This positions your SOC to gain full insight into DNS in real time, whilst optimizing your Splunk data volume costs using the BlueCat risk detection filter, so that a subset of DNS data is passed to Splunk. In addition, BlueCat offers the capability to the full DNS data set so that east-west spread of detected risks can be isolated, and subsequently cleaned