The Cisco Umbrella App for Splunk provides dashboards and an interactive query exploration tool for reporting and analysis of Umbrella DNS logs. Quickly find security incidents, policy violations, and other DNS anomolies.
Download the .tgz file from the release page and install on your Splunk search head.
By default, the Umbrella data model has acceleration disabled. To load dashboards faster, it is recommended to enable acceleration for at least the last 7 days.
You'll need to have the following installed for the app to work correctly.
- Cisco, Cisco Umbrella, and the Umbrella Logo, are registred trademarks of Cisco.
- The Orange OpenDNS Logo is a registered trademark of Cisco OpenDNS, LLC.
- Company names, trademarks, and product logos are property of their respective owners. Use does not imply any affiliation or endorsement.