You can use the built-in plugin APIs and built-in collector or fetcher APIs to configure and manage the built-in applications of Fabric-enabled LogPoints.
You can find the following built-in collector and fetcher APIs in the API Server:
Collector APIs |
Fetcher APIs |
|---|---|
FileSystemCollector |
FTPFetcher |
FTPCollectorPlugin |
SCPFetcher |
SyslogCollector |
SNMPFetcher |
SnareCollectorPlugin |
WMIFetcherPlugin |
SNMPTrapCollector |
|
SFlowCollectorPlugin |
Note
You can list the collectors or fetchers configured in a Fabric-enabled LogPoint by using the Devices - List API.
The Collector APIs allow you to create, edit, and delete collectors on behalf of Fabric-enabled LogPoints.
Collectors listen to dedicated ports and transfer the logs for further processing.
The FileSystemCollector API allows you to create, edit, and delete file system collectors on behalf of a Fabric-enabled LogPoint.
A file system collector captures all the internal logs from collectors, web servers, mergers, normalizers, and all the other applications of a Fabric-enabled LogPoint.
Endpoint |
Description |
|---|---|
Create |
Creates a new file system collector. |
Edit |
Edits the file system collector with the given ID. |
Trash |
Deletes the file system collector with the given ID. |
The FTPCollectorPlugin API allows you to create, edit, and delete FTP collectors on behalf of a Fabric-enabled LogPoint.
An FTP collector collects logs from the files uploaded by users to the Fabric-enabled LogPoint using FTP clients.
Endpoint |
Description |
|---|---|
Create |
Adds a new FTP collector. |
Edit |
Edits the FTP collector with the given ID. |
Trash |
Deletes the FTP collector with the given ID. |
The SFlowCollectorPlugin API allows you to create, edit, and delete SFlow collectors on behalf of a Fabric-enabled LogPoint.
SFlow is a sampling technology used to monitor networks, wireless and host devices. The sampled packets are called flow packets. You can forward the flow packets into a Fabric-enabled LogPoint via the SFlow Collector.
Endpoint |
Description |
|---|---|
Create |
Adds a new SFlow collector plugin using device ID or policy ID. |
Edit |
Edits the SFlow collector plugin with the given ID. |
Trash |
Deletes the SFlow collector plugin with the given ID. |
The SnareCollectorPlugin API allows you to create, edit, and delete Snare collectors on behalf of a Fabric-enabled LogPoint.
A Snare collector collects and analyzes logs from the Windows Snare agent.
Endpoint |
Description |
|---|---|
Create |
Adds a new Snare collector plugin. |
Edit |
Edits the Snare collector plugin with the given ID. |
Trash |
Deletes the Snare collector plugin with the given ID. |
The SNMPTrapCollector API allows you to create, edit, and delete SNMP trap collectors on behalf of a Fabric-enabled LogPoint.
An SNMP trap collector collects logs from SNMP enabled devices. SNMP traps are alert messages that devices use to notify the SNMP manager about the occurrence of significant events.
Endpoint |
Description |
|---|---|
Create |
Adds a new SNMP trap collector. |
Edit |
Edits the SNMP trap collector with the given ID. |
Trash |
Deletes the SNMP trap collector with the given ID. |
The SyslogCollector API allows you to create, edit, and delete Syslog collectors on behalf of a Fabric-enabled LogPoint.
A Syslog collector is used to collect data from the sources following the Syslog protocol. Once you add a device, it can be utilized either as a proxy or as a device depending on its configuration mode.
Endpoint |
Description |
|---|---|
Create |
Adds a new Syslog collector. |
Edit |
Edits the Syslog collector with the given ID. |
Trash |
Deletes the Syslog collector with the given ID. |
The Fetcher APIs allow you to create, edit, and delete fetchers on behalf of Fabric-enabled LogPoints.
Fetchers fetch logs from a remote location. You need to provide relevant parameters to configure the fetchers.
The FTPFetcher API allows you to configure and manage FTP fetchers on behalf of a Fabric-enabled LogPoint.
The configuration of the FTP fetcher sets up an FTP client in the Fabric-enabled LogPoint. Once the FTP client is configured, you can pull the log files hosted on remote FTP servers.
Endpoint |
Description |
|---|---|
Create |
Adds a new FTP fetcher. |
Edit |
Edits the FTP fetcher with the given ID. |
TestExisting |
Tests the FTP fetcher with the given ID. |
TestNew |
Tests the newly created FTP fetcher. |
Trash |
Deletes the FTP fetcher with the given ID. |
The SCPFetcher API allows you to configure and manage SCP fetchers on behalf of a Fabric-enabled LogPoint.
An SCP fetcher fetches logs from the log files present in a remote host using the SSH connection.
Endpoint |
Description |
|---|---|
Create |
Adds a new SCP fetcher. |
Edit |
Edits the SCP fetcher with the given ID. |
TestExisting |
Tests the SCP fetcher with the given ID. |
TestNew |
Tests the newly created SCP fetcher. |
Trash |
Deletes the SCP fetcher with the given ID. |
The SNMPFetcher API allows you to configure and manage SNMP fetchers on behalf of a Fabric-enabled LogPoint.
An SNMP fetcher allows you to make SNMP queries to network devices to get the responses into the LogPoint. You can then use these responses as event logs for further analysis.
Endpoint |
Description |
|---|---|
Create |
Adds a new SNMP fetcher. |
Edit |
Edits the SNMP fetcher with the given ID. |
TestExisting |
Tests the SNMP fetcher with the given ID. |
TestNew |
Tests the newly created SNMP fetcher. |
Trash |
Deletes the SNMP fetcher with the given ID. |
The WMIFetcherPlugin API allows you to configure and manage WMI fetcher plugin on behalf of a Fabric-enabled LogPoint.
Windows Management Instrumentation (WMI) is a platform developed by Microsoft for sharing information and notifications. You can use the WMI fetcher to collect the information from the Windows devices using the WMI service.
Endpoint |
Description |
|---|---|
Create |
Adds a new WMI fetcher using device ID or policy ID. |
Edit |
Edits the WMI fetcher with the given ID. |
TestExisting |
Tests the WMI fetcher with the given ID. |
TestNew |
Tests the newly created WMI fetcher. |
Trash |
Deletes the WMI fetcher with the given ID. |
These APIs allow you to configure and manage plugins on behalf of Fabric-enabled LogPoints.
The IPLookup API allows you to install and manage the IP Lookup Plugin on behalf of a Fabric-enabled LogPoint. The API also allows you to upload CSV files used by the plugin.
The IP Lookup Process Plugin enriches the log messages with the Classless Inter-Domain Routing (CIDR) address details uploaded in CSV format during the configuration of the plugin.
For a chosen IP type within log results, this plugin matches the IP with the content of the user-defined Lookup table and hence enriches them by adding the CIDR details.
Endpoint |
Description |
|---|---|
Delete |
Deletes an IP lookup table with the given ID. |
Install |
Installs the applications and patches already uploaded to the Fabric Storage, to the Fabric-enabled LogPoint. |
List |
Lists the IP Lookup tables. |
TrashPrivate |
Deletes the file with the given name from the private storage. |
TrashPublic |
Deletes the file with the given name from the public storage. |
UploadPublic |
Uploads the files to the private storage. |
UploadPublic |
Uploads the files to the public storage. |
UploadsList |
Lists the files uploaded in the private storage. |
UploadsListPublic |
Lists the files uploaded in the public storage. |
The LDAPAuthentication API allows you to configure and manage the LDAP Authentication strategies on behalf of a Fabric-enabled LogPoint.
The LDAP (Lightweight Directory Access Protocol) is an application protocol developed to access and maintain distributed directory information services over an Internet Protocol (IP) network. You can use the LDAP service to authenticate for a Fabric-enabled LogPoint.
You need to configure the LDAP strategy in LogPoint to use the LDAP service.
Endpoint |
Description |
|---|---|
Activate |
Activates the LDAP authentication strategy in the LogPoint. |
Create |
Adds a new LDAP authentication strategy. |
Deactivate |
Deactivates the LDAP authentication strategy in the LogPoint. |
Edit |
Updates the existing LDAP strategy with the given ID. |
Get |
Fetches the LDAP strategy with the given ID. |
GetLDAPGroup |
Fetches the LDAP users group with the given ID. |
List |
Lists the LDAP strategies. |
ListLDAPGroup |
Lists the LDAP users groups. |
MapLDAPGroup |
Maps the LDAP user group to LogPoint user group. |
RefreshLDAPGroupList |
Updates the list of LDAP user groups. |
Trash |
Deletes the LDAP strategy with the given ID. |