Configure Operations

Blocked and Ignored IPs

The Blocked and Ignored IPs page lets you view the lists of Blocked IPs and Ignored IPs. Blocked IPs list the IP addresses of the devices that are not allowed to send logs to a LogPoint and Ignored IPs lists the IP addresses of the devices that you delete from the Blocked IPs list.

You can view all the IPs that send logs to a LogPoint without being configured to it. You can also configure a device to an IP address to access the logs dispatched by the IP.

You can perform the following actions on the IPs from the Blocked IPs list:

Create Devices

Go to Configure >> Settings >> Operations >> Blocked and Ignored IPs.
Select the LogPoint instances where you want to create a device.
Click Next.
Click the Edit () icon from the Actions column in the Blocked IPs section to create a device for an IP. This action redirects you to the Create Device page.
- In the Create Device page, the name and IP Address fields are auto-updated with the IP address details of which you need to create a device. Refer to the Devices section for details on how to create a device.
- An IP is moved to Ignored IPs from Blocked IPs list after you create a device for that IP. Click Refresh Blocked List to update the lists.

Ignore IPs

You can ignore an IP from the Blocked IPs list. Deleting an IP from the Blocked IPs list moves it to the Ignored IPs list and vice versa.

Configure Backup

The Configure Backup page lets you create configuration backup to store the system related information such as users, devices, permissions, normalization policies, and repos; and log and checksum backup to store logs, indexes, and their checksums.

Back up Configuration Data

Go to Configure >> Settings >> Operations >> Configure Backup.
Select the LogPoint instances where you want to create the configuration backup.
Click Next.
Select Configuration as the Backup Type.
Select Backup Mode.
If you select Backup Now, enable Report Backup to create a backup of the LogPoint generated report files.
If you select Schedule Backup:
1. Enter a Public Key to access the backup repositories.
2. Enable Report Backup to create a backup of the LogPoint generated report files.
3. Enable Schedule Backup to schedule the backup for a specific time. Enter a Backup Run Hour, a Backup Retention (Days), and select a backup Interval.
Click Next.
Review your changes. You can go Back to make any changes if necessary.
Click Download Report to save the summary of the task in PDF.
Click Finish.
Click OK.

Back up Logs and Checksum Data

Go to Configure >> Settings >> Operations >> Configure Backup.
Select the LogPoint instances where you want to create the logs and checksum backup.
Click Next.
Select Logs and Checksum as the Backup Type.
Select a Backup Mode.
1. If you select Backup Now, a full backup of the current state of all the available repos and their log buffers is taken.
2. If you select Schedule Backup, you can choose either None, Full, or Customized.
If you select None, enter a Public Key if necessary.
Logs and Checksum Backup - Full Schedule Backup:
If you select Full, enter a Public Key if necessary and a Backup Run Hour in the UTC timezone.
Logs and Checksum Backup - Customized Schedule Backup:
If you select Customized:
1. Enter a Public Key.
2. Enter a Backup Run Hour in the UTC timezone and a Backup Retention (Days).
3. Select a Backup Date. If you choose Specified time, select a date from when you want to create the backup from the Backup From option.
4. Select the repos to backup and click Add to List.
Click Next.
Review your changes. You can go Back to make any changes if necessary.
Click Download Report to save the summary of the task in PDF.
Click Finish.
Click OK.

LDAP Strategy

LDAP (Lightweight Directory Access Protocol) is an application protocol developed to access and maintain distributed information services over an IP network. LDAP Authentication allows an admin to assign different levels of access to users to keep the information secure.

LogPoint uses the LDAP service to authenticate its users. In Director Console, you can configure an LDAP Strategy for LogPoint.

Create LDAP Strategy

Go to Configure >> Settings >> Operations >> Create LDAP Strategy.
Select the LogPoint instances where you want to create the LDAP Strategy.
Click Next.
Enter a Name and its Description.
Enter a Host and a Port of the LDAP server.
Enable SSL (Secure Sockets Layer) to establish an encrypted link.
Enter a Bind DN which is an unique name for the LDAP server.
Enter and confirm the Password to authenticate the user.
In the LDAP User/Group Mapping section, select User Contains Group Info to search for the group information of a user or Group Contains User Info to search for the user information of a group.
Enter a User Base DN which is the path where the LDAP users are present in the directory.
Group Mem Attr and User Name Attr are attributes of the group member and the user as provided in the database.
The Filter attribute allows you to refine the user results.
Select Authenticate Using from the drop-down to authenticate the login.
- Select dn to use the standard DN format for login.
- Select uid to use it for login.
- Select Sam Account Name to use it for login.
Enter a Group Base DN which is the path under which the LDAP users are present in the directory.
Mem Group Attr and Group Name Attr are attributes of the member present in a group and the group name as provided in the database respectively. Both the fields are auto-generated.
The Filter attribute allows you to refine the group results.
In the User’s Unique Field section, select a Unique Field to uniquely identify each user.
In the Enable Paginated Search section, select Enable to paginate the search if the remote server offers paginated search service or select Disable to deactivate the paginated search.
In the Settings section, enter a Username Template and a Fullname Template in the jinja format.
Click Next.
Review your changes. You can go Back to make any changes if necessary.
Click Download Report to save the summary of the task in PDF.
Click Finish.
Click OK.

Manage LDAP Strategy

The Manage LDAP Strategy page allows you to edit, delete, and de-activate an LDAP Strategy and map LDAP groups to LogPoint user groups.

Refer to the Create LDAP Strategy section for details on how to create an LDAP Strategy.

Manage LDAP Strategy

Go to Configure >> Settings >> Operations >> Manage LDAP Strategy.
Select the LogPoint instances where you want to manage the LDAP Strategy.
Click Next.
In the Action column, click the Edit () icon to edit an LDAP strategy, click the Delete () icon to delete an LDAP strategy, or click the De-activate () icon to de-activate an LDAP strategy.
Click the Map LDAP Groups to LogPoint User Groups () icon to map LDAP groups to LogPoint user groups for an LDAP strategy. This action redirects you to the Manage LDAP Groups page.
You must refresh LDAP User Groups and LogPoint User Groups from the Refresh List APIs section before mapping LDAP groups to LogPoint user groups.
Enter the LDAP group name in the search bar and press Enter.
Click the Edit () icon from the Action column of the Manage LDAP Groups page.
In the Edit LDAP Group pop-up, select a Timezone and a LogPoint User Group.
Click Save.
Click Next.
Review your changes. You can go Back to make any changes if necessary.
Click Download Report to save the summary of the task in PDF.
Click Finish.
Click OK.

Refresh List APIs

When a regular LogPoint becomes Fabric-enabled, you cannot access some of the features and functionalities from its user interface. To access those features, you have to use the corresponding API or the Director Console.

When you use the corresponding API or the Director Console, you must use Refresh List APIs to sync the data of an entity between the LogPoint and the Director Fabric.

You can use Refresh List APIs to sync the data of the following entities:

Distributed Collectors
Distributed LogPoints
Enrichment Settings
Enrichment Sources
LDAP User Groups
Lists
LogPoint Users
LogPoint User Groups
Normalization Packages
Repo Paths
Support Connection Settings
General Settings Default Authentication Options

Refresh List API

Go to Configure >> Settings >> Operations >> Refresh List APIs.
Select the LogPoint instances where you want to refresh API.
If you select a LogPoint Collector, you can Refresh List for Support Connection Settings only.
Click Next.
Select the APIs from the list. You can select multiple APIs at once.
Select Create Task for Refresh List Operation? to create a task for the Refresh List operation.
Select Navigate to Tasks Page? to go to the Tasks page after the completion of a refresh list operation.
Click Refresh List.

Manage Backup

The Manage Backup page lets you restore and delete backups of a LogPoint at any instance.

Refer to Configure Backup for details on how to create a backup.

Restore Data from a Backup

Go to Configure >> Settings >> Operations >> Manage Backup.
Select the LogPoint instances where you want to restore data.
Click Next.
Select a Backup Type.
In the Action column, click the Delete () icon to delete a backup and click the Restore () icon to restore a backup.
You can restore multiple backups at once. When restoring, you can only backup one machine at a time.
Click Next.
Review your changes. You can go Back to make any changes if necessary.
Click Download Report to save the summary of the task in PDF.
Click Finish.
Click OK.