Dropbox Business And Splunk Integration

Dropbox Business And Splunk Integration

Dropbox business is a cloud based storage solution to securely Share, sync, and collaborate on files.

Follow the steps below to integrate your Dropbox business with Splunk. This app gives insights such as,  

- Login activity.
- Membership activity (i.e. requests/additions/removals).
- Device activity.
- API-based Application activity.
- Sharing activity both within and outside the team.
- Security metrics, including user and path tracking.

Step-1:  Download the “Dropbox business app for Splunk “.

        https://splunkbase.splunk.com/app/2755/

Step-2:  On your Splunk Instance navigate to Manage Apps >> Install app from file, upload the add-on you just downloaded and restart Splunk once the installation is complete.

Step-3: Open the “Dropbox app for Splunk” and navigate to the ‘Inputs’ page.

Step-4: Click on the ‘Create New Input’ option located on the right hand side.

Screenshot (31)

Name : Provide a unique name for this input connection.
Interval : Set the frequency of event collection, in seconds.
Index : Select the index to ingest the data received from Dropbox.

Now, click on the “Get token here” option located just below the input box. You will be forwarded to the sign in page of Dropbox, put your Dropbox business account credentials to obtain the access token.

Screenshot (30)

Screenshot (23)

Access token : Copy and paste the access token you generated.
Start time : Set the past date from when you want to start collecting the logs, defaults to past 90 days.
Category(Optional) : Set if you want to have a single category for the received events.

Step-5: On your Dropbox business account select from the options to upload files or folder.

Screenshot (24)

Step-6: Upload your files/folder.(uploaded a folder named Splunk_Docs for testing)

Screenshot (25)

Step-7: Share the files/folders you uploaded with someone.(shared with a friend’s mail id – maityayan1996@gmail.com)

Step-8: Let’s look for the events in Splunk, as you can see in the screen shot below the event gives a complete set of information.  In the search box mention the index=main sourcetype=dropbox  to see the data.

Screenshot (33)

Screenshot (34)

Screenshot (35)

This app ships with some cool out of the box dashboards, sharing some screen shots below-

The below one is the overview dashboard,

Screenshot (28)

This one shows the team member sharing activities that happened on your Dropbox business,

Screenshot (29)

Screenshot (37)

That’s all on this post, keep visiting for more exciting contents.

Happy Splunking!!

You can also know about :  Sending Data from Database To Splunk Using DB Connect ( DBX - Part 2)

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.