circle-info
Welcome to the new Logpoint documentation portal! Can’t find what you’re looking for?
Logpoint Documentationarrow-up-right
search

Configure AgentX in device

Configure AgentX for a device in Logpoint to specify how logs are collected and processed.

hashtag
Prerequisites

  • Device added in Logpoint

  • AgentX Server installed in Logpoint

  • AgentX Manager installed in Logpoint

  • Processing policy created that uses an AgentX normalization policy

  • Template created or default template selected

  • Administrator access to Logpoint

hashtag
Procedure

  1. Go to Settings > Configuration and select Devices.

  2. Select Add collectors/fetchers under Actions for the device.

  3. Select AgentX.

  4. Select a Charset for log encoding (typically UTF-8).

  5. Select a Processing Policy that uses an AgentX normalization policy.

  6. Select a Template:

    • Select an existing template to use its configuration

    • Select None to create a new template (you will be prompted to create one)

  7. Select Submit.

hashtag
Expected outcome

AgentX is configured for the device. When AgentX Clients on this device connect to Logpoint, they receive the template configuration and begin collecting logs according to the template settings.

hashtag
Verification

After installing AgentX Client on the endpoint:

  1. Go to Settings > Configuration > AgentX > Agents.

  2. Verify that the endpoint appears in the agents list with an active status.

  3. Go to the Logpoint search interface.

  4. Run the following query to verify log ingestion:

Replace <device_name> with your device name.

Verify that logs appear within a few minutes of agent connection.

hashtag
Configuration guidelines

Processing policy must use AgentX normalization The selected processing policy must include a normalization policy that uses either AgentXWindowsCompiledNormalizer or AgentXUnixCompiledNormalizer. Without proper normalization, logs will not be parsed correctly.

Template defines what is collected The template determines which logs AgentX collects from endpoints. Review template configuration carefully to ensure it collects the required data sources.

UTF-8 charset for most deployments Most Windows and Linux systems use UTF-8 encoding for logs. Only change the charset if you have logs in a different encoding.

Template synchronization takes a few minutes After configuring AgentX, allow a few minutes for template synchronization to complete before expecting logs from newly installed agents.

hashtag
Next steps

Last updated

Was this helpful?