Skip to main content

Configuration Guide - DNSFilter

Jason Phelps
  • Updated

TEAM: Huntress Managed Security Information and Event Management (SIEM)
PRODUCT: HTTP Event Collector (HEC) Syslog
ENVIRONMENT: DNSFilter
SUMMARY: Configuration Guide for DNSFilter


Vendor Information

Configuration Checklist

Vendor Information

Vendor

DNSFilter

Supported Model Name/Number

N/A

Supported Software Version(s)

N/A

Collection Method

HTTP Event Collector

Provider Name

DNSFilter

Additional Information

https://help.dnsfilter.com/hc/en-us/articles/6266552356499-Data-Export-configuration

You must be an Account Administrator in Huntress in order to follow the steps below.

If the options don't appear available to you, please confirm you have the appropriate DNSFilter licensing.

 

Configuration Checklist

  1. Create Token

    1. Open Huntress Portal

    2. Click SIEM on the left navigation menu
    3. Click Source Management
    4. Click Add Source
    5. Click DNSFilter
    6. Click Add
    7. Provide a name for the Integration and an optional description.
    8. Click Save
    9. Copy the HTTP Event Collector Token value
  2. Configure Integration in DNSFilter
        1. Log into DNSFilter Admin Console
          1. If you have multiple organizations, select the Organization you want to configure for  logging to Huntress SIEM.
        2. Click Integrations
        3. Click HTTP Event Collector
          1. If you have no existing integrations, you will want to click Getting Started, then choose HTTP Event Collector
        4. In the HTTP Event Collector URL field, enter https://hec.huntress.io/services/collector
        5. In the Active Event Collector Token, paste the value from step 9 in the previous step.
        6. Click "Verify & Test Account"
        7. Once successful, click "Finalize"

Related articles