circle-info
Welcome to the new Logpoint documentation portal! Can’t find what you’re looking for?
Visit the old documentation portal.arrow-up-right
search

NormalizationPackage

hashtag
NormalizationPackage - AddSignature

Adds a new signature to the Normalization Package.

POST

https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/NormalizationPackage/Signatures

hashtag
Parameters

Field
Label in UI
Type
Description

package_id

-

String

ID of the normalization package. Mandatory Field

extra_key_value

Key Values

json

Add extra key value pair to the normalized log. Optional Field

replace_key_value

Replace Keys

json

Replace the name of the keys. Optional Field

pattern

Pattern

String

Pattern of the signature. Mandatory Field

example

Example

String

Example of the log to be matched with the newsignature parameter. Optional Field

hashtag
Request Example

{
    "data": {
        "package_id": "574fceedd8aaa40740736302",
        "extra_key_value": {
            "label": "Sonic,Firewall,Notice",
            "norm_id": "SonicFirewall"
        },
        "replace_key_value": {
            "label": "Sonic",
            "norm_id": "SonicFirewall"
        },
        "pattern": "user<user:word><action:all>from source<source_address:ip>",
        "example": "user Bob logged in from source 192.168.2.10"
    }
}

hashtag
Success Response

hashtag
NormalizationPackage - CheckPattern

Check if the pattern matches with the example.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

pattern

Pattern

String

Pattern of the signature. Mandatory Field

example

Example

String

Example of the log. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - ClonePackage

Clone the normalization package.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

clone_name

CHOOSE NEW NAMES

String

Name of the package to be cloned. Mandatory Field

replace

Replace Existing?

String

Set value as “on”(exact) to replace an existing package with the same name. Optional Field

package_id

-

String

ID of the normalization package which should be cloned. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - Create

Adds a new Normalization Package.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

name

Name

String

Name of the Normalization Package. The value of the name field must be unique alphanumeric values with hyphen (-) and underscore () characters, and it must not begin or end with a white space character, hyphen (-) and an underscore () . The total length has to be between 2 and 100 characters. Mandatory Field

description

Description

String

Description of the normalization package. Optional Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - Edit

Edits a Normalization Package with given ID.

PUT

hashtag
Parameters

Field
Label in UI
Type
Description

description

Description

String

Description of the normalization package. Optional Field

unused_signatures

-

[Integer]

List of the signature id(s) to be unused. Optional Field

order

-

[Integer]

List of all signature id(s) in the desired order. Optional Field

id

-

String

Existing normalization package id. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - EditSignature

Edit a signature of the given normalization package.

PUT

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

int

ID of the signature. Mandatory Field

extra_key_value

Key Values

json

Add extra key value pair to the normalized log. Optional Field

replace_key_value

Replace Values

json

Replace the name of the field. Optional Field

pattern

Pattern

String

Pattern of the signature. Mandatory Field

example

Example

String

Example of the log. Optional Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - Get

Fetches a Normalization Package with given ID.

GET

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Existing normalization package id.

hashtag
Success Response

hashtag
NormalizationPackage - Install

Install a given normalization package pak file.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

file_name

Normalization Package

String

Name of the pak file for normalization package. Mandatory Field

file_location

-

String

Location of the file to install. Can be either 'private' or 'public'. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
List

Lists all Normalization Packages.

GET

hashtag
Success Response

hashtag
NormalizationPackage - ListCompiledNormalizers

Lists all Compiled Normalizers installed in the LogPoint.

GET

hashtag
Success Response

hashtag
NormalizationPackage - ListPrivateUploads

List all the pak files that contain normalization package in private storage.

GET

hashtag
Success Response

hashtag
NormalizationPackage - ListPublicUploads

List all the pak files that contain normalization package in public storage.

GET

hashtag
Success Response

hashtag
NormalizationPackage - RefreshCompiledNormalizersList

Updates the CompiledNormalizers list to ensure consistency with the updated compiled normalizers list in Logpoint.

POST

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - ReorderSignature

Reorder signatures of given normalization package.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

id

ID

String

Existing Normalization Package id. Mandatory Field

order

-

[Integer]

List of all signatures id(s) in the desired order. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - Trash

Deletes a Normalization Package with given ID.

DELETE

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Existing normalization package id. Mandatory Field

hashtag
Success Response

hashtag
NormalizationPackage - TrashPrivateUploads

Delete the file with given name from private storage.

DELETE

hashtag
Parameters

Field
Label in UI
Type
Description

file_name

String

Name of the file to be deleted. Mandatory Field

hashtag
Success Response

hashtag
NormalizationPackage - TrashPublicUploads

Delete the file with given name from public storage.

DELETE

hashtag
Parameters

Field
Label in UI
Type
Description

file_name

String

Name of the file to be deleted. Mandatory Field

hashtag
Success Response

hashtag
NormalizationPackage - TrashSignature

Delete a signature with given ID.

DELETE

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

int

Existing signature id. Mandatory Field

hashtag
Success Response

hashtag
NormalizationPackage - UnuseSignature

Unuse given signatures of given normalization package.

POST

hashtag
Parameters

Field
Label in UI
Type
Description

unused_signatures

-

[Integer]

List of the signature id(s) to be unused. Optional Field

id

ID

String

Existing normalization package id. Mandatory Field

hashtag
Request Example

hashtag
Success Response

hashtag
NormalizationPackage - Upload

Upload pak files that contain normalization package to private storage. This upload should be used for normalization packages only.

POST

hashtag
Headers

Field
Label in UI
Description

file_name

Name of the file to be uploaded.

Content-Type

application/octet-stream

replace_existing

Set the value of this parameter as 'true' to replace the existing file with the same name with the new file. Default value is 'false'. Value can be 'true' or 'false'. Optional field

hashtag
Parameters

Field
Label in UI
Type
Description

file

-

[Object]

(pak) to be uploaded. Mandatory Field

hashtag
Success Response

hashtag
NormalizationPackage - UploadPublic

Upload pak files that contain normalization package to public storage. This upload should be used for normalization packages only.

POST

hashtag
Headers

Field
Label in UI
Description

file_name

Name of the file to be uploaded.

Content-Type

application/octet-stream

replace_existing

Set the value of this parameter as 'true' to replace the existing file with the same name with the new file. Default value is 'false'. Value can be 'true' or 'false'. Optional field

hashtag
Parameters

Field
Label in UI
Type
Description

file

-

[Object]

(pak) to be uploaded. Mandatory Field

hashtag
Success Response

Last updated

Was this helpful?