Configure LPSM
You can configure system settings, monitor system performance, upload patches, backup and restore configurations, manage applications, and configure the Director setup settings from the System section.
You can also customize general settings, search related settings, date/time settings, notification settings and change the system password from the My Preferences section.
System Monitor
System Monitor contains widgets that display the system status.
You can view the status of different menu items such as Services, System Processes, Network Stack, Routing Table, ARP Table, Network Interfaces, and Disk Usage.
Services
Services lists all the service applications running in LPSM. You can view the status of each application and start, stop, or restart the services.
Start Services
To initiate an application service, click the Start Service (
) icon from the Actions column.
To start all services, click Start All.
Stop Services
To stop an application service, click the Stop Service (
) icon from the Actions column.
To stop all services, click Stop All.
Restart Services
To restart an application service, click the Restart Service (
) icon from the Actions column.
To restart all services, click Restart All.
System Processes
System Processes shows all the processes running on the operating system where LPSM is installed. The process list shows information such as users, memory used by processes, commands on the run, and process IDs.
Network Stack
Network Stack shows information about the used network protocols and their corresponding network details.
Routing Table
Routing Table displays the routes to particular network destinations.
Address Resolution Protocol (ARP) Table
ARP Table displays a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. The item data lists the connection status for this protocol.
Network Interfaces
Network Interfaces displays the network status of LPSM. It also displays the status of all the active interfaces such as eth0, l0, he-ipv6, tun0, tun1, and tun10000.
Disk Usage
Disk Usage displays the total disk space used by the LPSM file systems. It also displays the available disk, disk usage, and location of the file system.
System Monitoring via SNMP
You can use SNMPv2 or SNMPv3 to monitor the status of the LPSM system components and services using their respective OIDs.
LPSM uses the base OID 1.3.6.1.4.1.54322.4 to get a list of the exposed OIDs and their corresponding information. You can also use the OID of the individual system components and services in LPSM to get their status.
Syntax for snmpwalk via SNMPv2:
Syntax for snmpwalk via SNMPv3:
System Settings
System Settings allows you to configure all system related settings for LPSM. It enables you to configure general settings, SMTP settings, NTP settings, SNMP settings, HTTPS settings, support connection settings and allows you to set the SSH Key Pair for li-admin.
Each setting needs to be saved separately before moving on to the next setting.
General
Go to
Settings >> System >> System Settings.Select General.
Enter a Logpoint Name, a Browser tab title, and a Server Alias.
Updating the Server Alias does not update the system IP Address or the DNS. If the Server Alias field is empty, copy the value of the IP field into it.
The Identifier is the unique value given to each Logpoint.
Select Default Login Screen From either Logpoint Authentication or LDAP Authentication. Once a mode of authentication is chosen, the default login screen is always the same unless changed.
In Session Inactivity Timeout, enter the Timeout (minutes) period. If you are inactive for longer than the specified period, you are logged out of the system.
In Remote Request Timeout, enter the Timeout (seconds) period . If the request from LPSM to Logpoint takes longer than the specified period, the request is closed.
Click Save.
SMTP
SMTP is used to send emails from LPSM for the following:
To send the email for resetting the user password. To reset password, click Forgot Password? on login.
To send the email after the Data Privacy Request has been granted. Go to Email Template for more information.
Go to
System >> Settings >> System Settings.Select SMTP.
Enter the Server/Port address to enable SMTP service.
Enter a Sender Name and a Email address.
If you enable the Login Required option, you need to enter the Username and Password.
Click Save.
To test the configuration:
Click the SMTP Test section.
Enter the Subject of the test email.
Enter an Email address.
Enter a test Message.
Click Test SMTP. The email address mentioned above gets an email if the SMTP setting is configured correctly.
NTP
NTP synchronizes the time of your server with a network time server.
Go to
Settings >> System >> System Settings.Select NTP.
Check the Is NTP enabled? option.
Enter the Server address. You can add multiple server addresses by clicking the Add (
) icon.Click Save.
SNMP
If you enable the SNMP port, LPSM listens to the OIDs (Object Identifiers) that are forwarded to the 161 port.
Go to
Settings >> System >> System Settings.Select SNMP.
Select Enable or Disable SNMPD port (UDP 161).
Enter the Community String if you select Enable.
Click Save.
To know the exposed OID for the LPSM machine, run the snmpwalk command snmpwalk -v 2c -c public <ip_of_Logpoint Search Master>.
HTTPS
The HTTPS service authenticates LPSM and prevents eavesdroppers from accessing the data in the network. HTTPS secures the server connection so that the LPSM users can safely access it from the internet.
Go to
Settings >> System >> System Settings.Select HTTPS.
Browse for the HTTPS Certificate and Key, and upload them.
Click Save.
Support Connection
Support Connection creates an encrypted end-to-end communication channel between the Logpoint Search Master and the Logpoint Support. It is used by the Logpoint Support team to understand, troubleshoot, and fix issues with your deployment.
Before enabling the support connection, make sure that your firewall is not blocking the connection from the LPSM to reverse.logpoint.com on port 1193/UDP.
Go to
Settings >> System >> System Settings.Select Support Connection.
Support Connection
Check the Enable Support Connection checkbox.
Enter the Support Connection Enable Duration. The support session expires after the duration exceeds. Support connection stays enabled if: - You select 0:0:0 as the time duration. - You check the Enable Support Connection Forever checkbox.
Click Save.
SSH Key Pair for li-admin
An LPSM Administrator can generate SSH certificates for the li-admin user to access the LPSM through the console.
Go to
Settings >> System >> System Settings.Select SSH Key Pair for li-admin.
Enter a PASS PHRASE.
Click Re-Generate Key Pair.
Copy the Private Key and save it in a file.
Use the following command to make the key accessible for an SSH connection:
Use the following command to establish an SSH connection:
Enter the PASS PHRASE to establish the SSH connection from the remote device.
Lockout Policy
The Lockout Policy lets you control user login and password security attributes. LPSM locks your account for a specific lockout duration if you make multiple failed login attempts.
Lockout threshold: The Lockout threshold determines the number of failed login attempts that cause a user account to be locked. By default, the lockout threshold value is five. You can set a threshold value from 0 to 999, where 0 means a user account is never locked.
After three consecutive failed login attempts, you need to enter a CAPTCHA in addition to the username and password. If you make additional unsuccessful login attempts, that is, if you enter a wrong username, password, or CAPTCHA and reach the specified lockout threshold, your account is locked out for the specified lockout duration.
Lockout duration: The Lockout duration determines the number of minutes that an account remains locked out. By default, the lockout duration value is 30 minutes. After the lockout duration is over, you get one more login attempt. If this attempt fails, your account is locked for an additional specified lockout period. This process continues until you login with valid credentials. You can set a lockout duration value from 1 to 99999.
After a user is locked out, a User Locked icon appears in the Actions column of the respective user under Settings >> User Accounts >> Users. The LPSM administrator can unlock the locked users by clicking the icon.
Configure Lockout Policy
Go to
Settings >> System >> System Settings.Select Lockout Policy.
Enter the Lockout threshold. By default, the lockout threshold value is set to 5.
Enter the Lockout duration (in minutes). By default, the lockout duration value is set to 30 minutes.
Click Reset to reset the values to default.
Click Submit.
Applications
You can upload application packages and import Plugins in LogPoint Search Master from the Applications page. An application package is a collection of pluggable components such as Authentication and System Notification. LPSM provides the LPSM_Default package by default.
Add an Application Package
Go to
Settings >> System >> Applications.Click Import. Import:
Import application:
Browse the file with the .pak extension. The released .pak files can be downloaded from the LogPoint Help Center.
Click Upload.
Click Details (
) from the Actions column to view the packages included in the application. Use Filter to browse different categories of the packages.Click Jobs to view the status details of all the imported applications.
Plugins
Enables connection to external data and systems so you can add specific features and functionality to your Logpoint platform. Termed ”Plugins” in the Logpoint UI, they are a synonymous with Authentication, Process Commands, Collectors, Fetchers and Enrichment integrations.
Currently, there are three out-of-the-box authentication integrations for Director LPSM:
LDAP Authentication
You can request new features from Logpoint Customer Service. When the feature is developed, the .pak file of the new integration is uploaded in Integrations of the Logpoint Service desk. You can then download the latest version of the integration and import the .pak file from Settings >> System >> Applications in LPSM.
To install, import the .pak file. After installation it is listed in INSTALLED PLUGINS in Settings >> System >> Plugins.
LDAP Authentication
LDAP (Lightweight Directory Access Protocol) integration in LPSM offers User Authentication, User Management, Role-Based Access Control, and Centralized Data Management.
You can use LDAP for LPSM login authentication and configure it to pull user authentication and role-based access control rules from your LDAP directory. LPSM users are already defined in LDAP so you don’t need to recreate them.
By default, LDAP Authentication is automatically installed in LPSM and cannot be deleted. Configure the LDAP Strategy in LPSM to use LDAP. LDAP strategy is the rules and configurations for deploying and maintaining LDAP services for your organization. LDAP strategy can vary depending on what your needs and objectives are.
Configure LDAP Strategy
Go to
Settings >> System >> Plugins.
Click Manage for the LDAP Authentication.
Click Add.
Enter a Name and its Description for the LDAP strategy.
Enter the Host/Port address for the LDAP server that authenticates the user.
Enable the SSL (Secure Sockets Layer) option to establish an encrypted link.
Enter a Bind DN which is a distinguished name for the LDAP server.
Enter and confirm the Password to authenticate the user.
For the User contains group info, enter the memberOf information.
For the Group contains user info, enter the member information.
In User Settings:
The User Base DN is the node under which the LDAP users are present.
The Group Mem Attr and the User Name Attr are attributes of the group member and the user provided in the database respectively.
The Filter is the string that filters the user results.
Select the Authenticate Using parameter from the drop-down which is required for login.
Select dn to use standard DN format for login.
Select uid to use uid for login (uid for Linux system).
Select SAM Account Name to use SAM Account Name for login (SAM Account Name for Windows).
In Group Settings:
Group Base DN is the node under which the LDAP groups are present.
Mem Group Attr contains group members.
Group Name Attr is the group name attribute from the database.
Select Enable or Disable the Enable Paginated Search option. You can choose to paginate the search if the remote server offers a paginated search.
Enter the Username Template and the Fullname Template in the jinja format.
For example: If the user attributes inside the Active Directory are displayName, FirstName and LastName, then:
Username Template = {{displayName}}
Fullname Template = {{FirstName}}{{LastName}}
Click Submit.
Map LDAP Groups to LPSM User Groups
After configuring an LDAP Strategy, LDAP groups can be mapped to LPSM User Groups. There is a particular scenario called LDAP concatenation of Users and Permission Groups, which maps multiple LDAP User Groups to LPSM User Groups. This scenario is described below in LDAP Concatenation of Users and Permission Groups.
Click the Map LDAP Groups to LogPoint User Groups (
) icon from the Actions column of an existing LDAP Strategy.
Click the LDAP Group Name.
Select LogPoint User Group and TimeZone from the drop-down. The LDAP Group Name and LDAP Group DN are populated by default.
Click Submit.
LDAP Concatenation of Users and Permission Groups
The LDAP user “LDAP User 1” belongs to LDAP Groups “LDAPG-1” and “LDAPG-2” in the LDAP directory.
There are two Permission Groups PG1 (with Read Site Permission only) and PG2 (with Read, Create, and Delete Site Permissions) created in Logpoint.
PG1 is mapped to User Group UG1, and PG2 is mapped to UG2.
UG1 has the Object Permission of Device-1 and Repo-1, and UG2 has the Object Permission of Device-2 and Repo-2.
If you map the LDAPG-1 to UG1 and LDAPG-2 to UG2, the LDAP User 1 has the concatenated Site and Object Permissions of UG1 and UG2. In this case, the Site Permission is Read, Create, and Delete and the Object Permission is of Device-1, Repo-1, Device-2, and Repo-2.
You can now use LDAP Authentication to log in to LPSM.
Strategy-User group Mapping - UI
LDAP server data is connected with LPSM and stored in the database. First, the connection is made with the LDAP server using data from the LDAP strategy. Once the connection is established, the data (LDAP group) from the server is obtained. After the LDAP groups are obtained, they are listed in the User Group Mapping. Here, the user must select the required LDAP group to map to the LPSM user group. Once the mapping is established, the content: LDAP group, user group, and the DN associated with it are stored in the database. Any update to user group mapping is reflected every time the user logs in to Logpoint.
Activate LDAP Strategy
Go to
Settings >> System >> Plugins.Click Manage from the LDAP Authentication plugin.
Click the Activate LDAP Strategy (
) icon from the Actions column of the LDAP Strategy.To activate multiple LDAP Strategies, select the relevant LDAP Strategies. Click the More drop-down and select Activate Selected.
To activate all LDAP Strategies, click the More drop-down and select Activate All.
To deactivate the LDAP Strategy, follow the same procedure.
Delete LDAP Strategy
Go to
Settings >> System >> Plugins.Click Manage from the LDAP Authentication plugin.
Click the Delete (
) icon from the Actions column of the LDAP Strategy.To delete multiple LDAP Strategies, select the concerned LDAP Strategies. Click the More drop-down and select Delete Selected.
To delete all LDAP Strategy, select the concerned LDAP Strategy. Click the More drop-down and select Delete All.
Click Yes.
Configure Default Domain for LDAP Authentication
Configuring a default domain for LDAP Authentication automates the domain selection process during login. LPSM automatically uses the configured default domain when you login using LDAP Authentication.
To configure a default domain:
Go to
Settings >> System Settingsfrom the navigation bar and click Plugins.Search for LDAP Authentication.
Click Manage.
Click Settings.
Select your domain from the Default Domain drop-down.
Click Save.
Supported Login formats (LDAP)
The following three parameters can be used to log in via LDAP.
Using DN:
Using sAMAccountName:
Using uid:
Communication
The parameters used for communication are:
Host
Port
Bind DN
Bind DN password
SSL enabled or not
There are two ways to communicate:
Simple communication
Communication using SSL
For simple communication, the Python-LDAP library is used. The host and the 389 port are used to connect to the LDAP server. Once the connection is established, Bind DN and Bind Password are used to bind to the required user.
For SSL communication, the first step is to set the certificate for the SSL connection. After the certificate is set, the process is similar to simple communication. Here, the port used is 636.
My Preferences
Click the User drop-down on the top-right corner of the interface and select My Preferences.
General
Select Show settings item help to display help on various items on the Settings page. After enabling the option, when you hover the mouse on any one of the items, you can see the details of the settings item on the right side of the screen.
Select the Result limit from the drop-down to customize the display size of pages in the Settings page.
Click Submit.
Search
Enable the Display search help pop-up option to display the drop-down search assistance while writing a query.
Enable the Hide Histogram in Search Page option as per your requirement.
Select the Disable Interesting Fields in Search Page option to hide the Interesting Fields window from the Search page.
Click Submit.
Last updated
Was this helpful?