Bundled Applications

Plugins

Plugins are components that enhance your existing system by adding new pre-configured features. You can request a new feature and install the corresponding plugin in your system to use it, without waiting for a product release.

In LogPoint, the plugin categories are:

  • Authentication

  • Collectors and Fetchers

  • Parsers

  • Process

  • Enrichment

  • UEBA

  • Knowledge Base

  • System Notifications

  • Security Analytics Components

Applications

Applications are packages that consist of multiple plugins of different categories. You can use applications to enhance the knowledge base section of LogPoint. Applications usually provide pre-built:

  • Dashboards

  • Normalization packages, label packages, and search packages

  • Reports

  • Alerts

  • Log collection policies

  • Compiled normalizers

  • Other plugins

For example, the Cisco application consists of dashboards, normalization packages, label packages, search packages, log collection policies, alerts, and compiled normalizers related to the Cisco firewall. Once you install the Cisco application, all the components are available for you.

LogPoint provides applications for different systems such as Windows Server 2003, Windows Server 2008, Windows, Cisco, Active Directory, Web analytic, Firewall, Juniper, Snort, Palo Alto, Nginx, Oracle, and HP Switch.

The default LogPoint application cannot be deleted. It contains plugins of the following categories:

  • Authentication

  • Collectors and Fetchers

  • Knowledge Base

  • System Notifications

You must import all the plugins from the Applications page but view their details from the Plugins page.

Bundled Plugins

The following plugins are bundled with LogPoint:

Plugins | LogPoint v7.1.0 | LogPoint v7.1.1 | LogPoint v7.1.2, LogPoint v7.1.3

Collectors and Fetchers

Azure Log Analytics | 5.0.2 | 5.0.2 | 5.0.2
BoxAudit | 5.1.1 | 5.1.1 | 5.1.1
Checkpoint Firewall | 5.0.2 | 5.0.2 | 5.0.2
CIFS Fetcher | 5.1.0 | 5.1.0 | 5.1.1
Cisco Umbrella | 5.2.0 | 5.2.0 | 5.2.0
CiscoAMP | 5.2.0 | 5.2.0 | 5.2.0
CloudTrail | 5.0.2 | 5.0.2 | 5.2.0
Cloudwatch | 5.0.1 | 5.0.1 | 5.0.1
DUO Security | 5.0.0 | 5.0.0 | 5.0.0
EventHubs | 5.1.1 | 5.1.1 | 5.1.4
GSuite | 6.0.0 | 6.0.0 | 6.0.0
Incapsula | 6.0.0 | 6.0.0 | 6.0.0
LogPoint Agent Collector | 5.2.2 | 5.2.2 | 5.2.2
Microsoft Defender ATP | 5.1.0 | 5.1.0 | 5.1.0
Mitel Fetcher | 5.0.0 | 5.0.0 | 5.0.0
MysqlRDS | 5.0.1 | 5.0.1 | 5.0.1
ODBC Fetcher | 5.0.1 | 5.0.1 | 5.0.1
Office 365 | 5.2.0 | 5.2.0 | 5.3.0
Oracle | 5.0.3 | 5.0.3 | 5.0.3
Salesforce | 5.0.0 | 5.0.0 | 5.0.0
SCP Fetcher Lite | 5.0.0 | 5.0.0 | 5.0.0
Syslog Forwarder File Fetcher | 5.0.0 | 5.0.0 | 5.0.0
VeritasSaaS Backup | 5.0.0 | 5.0.0 | 5.0.0
VPCFlowLog | 5.0.1 | 5.0.1 | 5.0.1
Vulnerability Management | 6.1.1 | 6.1.1 | 6.1.1
Universal REST API Fetcher | 1.0.0 | 1.0.0 | 1.0.1

Process Plugins

Base16 | 3.5.0 | 3.5.0 | 3.5.0
Clean Char Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Compare Network Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Compare Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Count Char Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Current Time Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Damerau-Levenshtein | 5.0.0 | 5.0.0 | 5.0.0
DNS | 3.1.0 | 3.1.0 | 3.1.0
DNS Cleanup Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Experimental Median Quartile Quantile | 5.0.0 | 5.0.0 | 5.0.0
FormatDate | 3.0.0 | 3.0.0 | 3.0.0
Grok Process Plugin | 3.0.1 | 3.0.1 | 3.0.1
InRange Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
IP Lookup Process Plugin | 5.0.0 | 5.0.0 | 5.0.0
Lookup Process Plugin | 5.1.0 | 5.1.0 | 5.1.0
MacToVendor | 5.0.0 | 5.0.0 | 5.0.0
Randomize | 3.4.0 | 3.4.0 | 3.4.0
Regex | 5.0.0 | 5.0.0 | 5.0.0
Spotcheck | 3.4.0 | 3.4.0 | 3.4.0
WhoIsLookup | 4.0.0 | 4.0.0 | 4.0.0
AsciiConverter | 3.0.0 | 3.0.0 | 3.0.0
Codec Process Plugin | 3.1.0 | 3.1.0 | 3.1.0
Evaluation Process Plugin | 3.0.0 | 3.0.0 | 5.0.0
Dynamic List Process Plugin | 3.0.0 | 3.0.0 | 3.0.0
Dynamic Table Process Plugin | 3.0.0 | 3.0.0 | 3.0.0

Parsers

DB2 Parser | 5.0.0 | 5.0.0 | 5.0.0
RACF Parser | 5.0.0 | 5.0.0 | 5.0.0

Enrichment Plugins

ODBC Enrichment Source | 5.1.0 | 5.1.0 | 5.1.0
CSV Enrichment Source | 5.1.0 | 5.1.0 | 5.2.0
LDAP Enrichment Source | 5.0.0 | 5.0.0 | 5.0.0
Threat Intelligence | 6.1.0 | 6.1.0 | 6.1.0
IPtoHost Enrichment Source | 5.0.0 | 5.0.0 | 5.0.0
GEOIP | 5.1.0 | 5.1.0 | 5.1.0
Recorded Future | 6.0.0 | 6.0.0 | 6.0.0
Stix Taxii | 6.0.0 | 6.0.0 | 6.0.0
Oracle Enrichment Source | 5.0.0 | 5.0.0 | 5.0.0

Authentication Plugins

ADFS Authentication | 6.0.0 | 6.0.0 | 6.0.0
OAuth Authentication | 6.0.0 | 6.0.0 | 6.0.0
Radius Authentication Plugin | 6.0.0 | 6.0.0 | 6.0.0
SAML Authentication | 6.0.0 | 6.0.0 | 6.0.0

UEBA

UEBA PreConfiguration Plugin | 5.0.2 | 5.0.2 | 5.0.2

Others

Distinct List | 3.0.0 | 3.0.0 | 3.0.0
Mitre Dataset Updater | 6.1.0 | 6.1.0 | 6.1.0
Symantec Cloud Security | 5.0.1 | 5.0.1 | 5.0.1
Virus Total | 5.0.0 | 5.0.0 | 5.0.0
SOAR | 1.0.2 | 1.0.4 | 1.1.0

Bundled SA Applications

The following Security Analytics applications are bundled with LogPoint:

SA Applications | LogPoint v7.1.0 | LogPoint v7.1.1 | LogPoint v7.1.2

A10 Networks | 5.0.2 | 5.0.2 | 5.0.2
Activtrak | 5.0.0 | 5.0.0 | 5.0.0
Airlock | 5.0.0 | 5.0.0 | 5.0.0
AIX | 5.0.0 | 5.0.0 | 5.0.0
Agile SI | 5.0.2 | 5.0.2 | 5.0.2
Apache HTTP Server | 5.0.1 | 5.0.1 | 5.0.1
Alert Rules | 5.3.9 | 5.3.12 | 5.3.14
Arbor Networks | 5.0.0 | 5.0.0 | 5.0.0
ARP Guard | 5.0.1 | 5.0.1 | 5.0.1
Artica Proxy | 5.0.0 | 5.0.0 | 5.0.0
Aruba | 5.0.2 | 5.0.2 | 5.0.2
Ascom UCM | 5.0.0 | 5.0.0 | 5.0.0
Asterisk | 5.0.0 | 5.0.0 | 5.0.0
Avaya NAC | 5.0.0 | 5.0.0 | 5.0.0
AzureLogAnalytics | 5.0.2 | 5.0.2 | 5.0.2
Barracuda | 5.3.0 | 5.3.0 | 5.3.0
Balabit | 5.0.0 | 5.0.0 | 5.0.0
Beyond Trust | 5.0.0 | 5.0.0 | 5.0.0
BIG-IP | 5.0.2 | 5.0.2 | 5.0.2
Bintec Router | 5.0.0 | 5.0.0 | 5.0.0
BitDefender | 5.0.1 | 5.0.1 | 5.0.1
Blue Coat | 5.0.1 | 5.0.1 | 5.0.1
Bomgar | 5.0.0 | 5.0.0 | 5.0.0
BRO IDS | 5.0.0 | 5.0.0 | 5.0.0
Broadcom | 5.0.0 | 5.0.0 | 5.0.0
Brocade | 5.0.1 | 5.0.1 | 5.0.1
Carbon Black | 5.1.0 | 5.1.0 | 5.1.0
Centrify | 5.0.1 | 5.0.1 | 5.0.1
CAS Server | 5.0.0 | 5.0.0 | 5.0.0
CEF Compiled Normalizer | 5.0.1 | 5.0.1 | 5.0.1
Cisco | 5.1.0 | 5.2.0 | 5.2.0
Citrix | 5.2.0 | 5.2.0 | 5.2.0
Clavister CorePlus | 5.0.1 | 5.0.1 | 5.0.1
ClearSwift | 5.0.0 | 5.0.0 | 5.0.0
Couchbase | 5.0.2 | 5.0.2 | 5.0.2
Crowdstrike | 5.0.0
CyberArk | 5.0.2 | 5.0.2 | 5.0.2
Cyberlytics | 5.0.1 | 5.0.1 | 5.0.1
Cyberoam | 5.0.1 | 5.0.1 | 5.0.1
CSVNormalizer | 5.1.1 | 5.1.1 | 5.1.1
Cylance | 5.0.3 | 5.0.3 | 5.0.3
DarkTrace | 5.1.0 | 5.1.0 | 5.1.0
Dell | 5.0.1 | 5.0.1 | 5.0.1
Deny All WAF | 5.1.0 | 5.2.0 | 5.2.0
DNS Analytics | 5.0.0 | 5.0.0 | 5.0.0
Dovecot | 5.0.0 | 5.0.0 | 5.0.0
Draytek Vigor 3300V Firewall | 5.0.0 | 5.0.0 | 5.0.0
Dropbear | 5.0.0 | 5.0.0 | 5.0.0
EnGenius | 5.0.0 | 5.0.0 | 5.0.0
ESET Antivirus | 5.0.3 | 5.0.3 | 5.0.3
EndPoint Protector | 5.0.0 | 5.0.0 | 5.0.0
Exim | 5.0.1 | 5.0.1 | 5.0.1
Extreme Network | 5.0.0 | 5.0.0 | 5.0.0
EZ Proxy | 5.0.0 | 5.0.0 | 5.0.0
Fail2ban | 5.0.0 | 5.0.0 | 5.0.0
Faxmaker | 5.0.0 | 5.0.0 | 5.0.0
Filezilla | 5.0.0 | 5.0.0 | 5.0.0
FireEye | 5.0.1 | 5.0.1 | 5.0.1
First Class | 5.0.1 | 5.0.1 | 5.0.1
ForeScout | 5.0.1 | 5.0.1 | 5.0.1
FortiGate | 5.1.0 | 5.2.1 | 5.2.1
Free IPA | 5.0.0 | 5.0.0 | 5.0.0
Free Radius | 5.0.1 | 5.0.1 | 5.0.1
FSecure | 5.0.1 | 5.1.0 | 5.1.0
GateWatcher | 5.0.0 | 5.0.0 | 5.0.0
Genua Firewall | 5.0.0 | 5.0.0 | 5.0.0
Halon Mail Security and Firewall Appliance | 5.0.0 | 5.0.0 | 5.0.0
HA Proxy | 5.0.0 | 5.0.0 | 5.0.0
Hitachi NAS | 5.0.0 | 5.0.0 | 5.0.0
Honeyd | 5.0.0 | 5.0.0 | 5.0.0
HP | 5.1.0 | 5.1.0 | 5.1.0
IBM | 5.0.1 | 5.0.1 | 5.0.1
IBoss | 5.0.1 | 5.0.1 | 5.0.1
InfoBlox | 5.0.1 | 5.0.1 | 5.0.1
JSON Normalizer | 5.1.0 | 5.1.0 | 5.1.0
Juniper Firewall | 5.0.1 | 5.0.1 | 5.0.1
Kaspersky | 5.0.1 | 5.0.1 | 5.0.1
Kemp Technologies | 5.0.0 | 5.0.0 | 5.0.0
Kiteworks | 5.0.0 | 5.0.0 | 5.0.0
LEEF Normalizer | 5.0.0 | 5.0.0 | 5.0.0
Lenovo | 5.0.0 | 5.0.0 | 5.0.0
LogPoint | 5.2.1 | 5.2.1 | 5.2.1
Malwarebytes | 5.0.1 | 5.0.1 | 5.0.1
McAfee EPO | 5.1.0 | 5.1.0 | 5.1.0
Meru | 5.0.0 | 5.0.0 | 5.0.0
Microsoft ATA | 5.1.0 | 5.1.0 | 5.1.0
Microsoft TMG | 5.0.0 | 5.0.0 | 5.0.0
Microsoft Dynamic NAV | 5.0.1 | 5.0.1 | 5.0.1
Microsoft Exchange | 5.1.0 | 5.1.0 | 5.1.0
Microsoft IIS | 5.1.0 | 5.1.0 | 5.1.0
Mideye | 5.0.0 | 5.0.0 | 5.0.0
Mimecast | 5.0.1 | 5.0.1 | 5.0.1
Mobile Iron | 5.0.0 | 5.0.0 | 5.0.0
Mobility Guard | 5.0.0 | 5.0.0 | 5.0.0
MSSQL | 5.0.1 | 5.0.1 | 5.0.1
Multi Modem iSMS | 5.0.0 | 5.0.0 | 5.0.0
NCSCross | 5.0.0 | 5.0.0 | 5.0.0
Netgear Firewall | 5.0.0 | 5.0.0 | 5.0.0
NginX | 5.0.1 | 5.0.1 | 5.0.1
Nortel Contivity Secure | 5.0.0 | 5.0.0 | 5.0.0
Nozomi | 5.0.0 | 5.0.0 | 5.0.0
Nutanix | 5.0.0 | 5.0.0 | 5.0.0
Onapsis Security | 5.0.0 | 5.0.0 | 5.0.0
OpenDJ | 5.0.1 | 5.0.1 | 5.0.1
OpenLDAP | 5.0.0 | 5.0.0 | 5.0.0
OpenVMS | 5.0.0 | 5.0.0 | 5.0.0
OpenVPN | 5.0.0 | 5.0.0 | 5.0.0
PaloAlto Network Firewall | 5.3.0 | 5.3.0 | 5.3.0
Passwordstate | 5.0.0 | 5.0.0 | 5.0.0
Pega | 5.0.0 | 5.0.0 | 5.0.0
Peplink | 5.0.0 | 5.0.0 | 5.0.0
Perago | 5.0.0 | 5.0.0 | 5.0.0
PfSense Firewall | 5.0.1 | 5.0.1 | 5.0.1
Ping Identity | 5.0.0 | 5.0.0 | 5.0.0
PointSharp | 5.1.0 | 5.1.0 | 5.1.0
PortWise | 5.0.0 | 5.0.0 | 5.0.0
PostFix | 5.0.1 | 5.1.0 | 5.1.0
Proofpoint | 5.1.0 | 5.1.0 | 5.1.0
PRTG Network Monitor | 5.0.0 | 5.0.0 | 5.0.0
Qmail | 5.0.1 | 5.0.1 | 5.0.1
Radware DefensePro | 5.0.1 | 5.0.1 | 5.0.1
Ransomware Analytics | 5.0.2 | 5.0.2 | 5.0.2
RedSocks | 5.0.1 | 5.0.1 | 5.0.1
Regulatory Compliance | 5.0.0 | 5.0.0 | 5.0.0
Rhebo | 5.0.1 | 5.0.1 | 5.0.1
RSA SecurID | 5.0.0 | 5.0.0 | 5.0.0
Rubrik | 5.0.1 | 5.0.1 | 5.0.1
Ruckus Networks | 5.0.0 | 5.0.0 | 5.0.0
Safenet | 5.0.0 | 5.0.0 | 5.0.0
Samba | 5.0.0 | 5.0.0 | 5.0.0
Secure DNS | 5.0.1 | 5.0.1 | 5.0.1
Sendmail | 5.0.1 | 5.0.1 | 5.0.1
SentinelOne | 5.0.1 | 5.0.1 | 5.0.1
Shavlik Protect | 5.0.0 | 5.0.0 | 5.0.0
Shibboleth | 5.0.1 | 5.0.1 | 5.0.1
Sidewinder Firewall | 5.0.1 | 5.0.1 | 5.0.1
Sitecore | 5.0.0 | 5.0.0 | 5.0.0
Smoothwall Webproxy | 5.0.0 | 5.0.0 | 5.0.0
SMS Passcode | 5.0.2 | 5.0.2 | 5.0.2
SnapGear Firewall | 5.0.0 | 5.0.0 | 5.0.0
Snapt Haproxy | 5.0.0 | 5.0.0 | 5.0.0
Snort | 5.0.0 | 5.0.0 | 5.0.0
SonicwallFirewall | 5.0.1 | 5.0.1 | 5.0.1
Sophos | 5.1.0 | 5.1.0 | 5.2.0
Spectrum Protect | 5.0.0 | 5.0.0 | 5.0.0
Squid | 5.0.1 | 5.0.1 | 5.0.1
Stonesoft | 5.0.1 | 5.0.1 | 5.0.1
Stormshield Normalizer | 5.1.0 | 5.1.0 | 5.1.0
Suricata IDS | 5.0.0 | 5.0.0 | 5.0.0
Symantec Security | 5.0.1 | 5.0.1 | 5.0.1
Teamcenter | 5.0.0 | 5.0.0 | 5.0.0
Thycotic | 5.0.0
TinyProxy | 5.0.0 | 5.0.0 | 5.0.0
Trapeze WLAN Controller | 5.0.0 | 5.0.0 | 5.0.0
Trend Micro | 5.0.1 | 5.1.0 | 5.1.0
Trustwave SEG | 5.0.2 | 5.0.2 | 5.0.2
UEBA Analytics | 5.1.0 | 5.1.0 | 5.1.0
UseCases | 5.1.2 | 5.1.2 | 5.1.2
Unix | 5.2.1 | 5.2.1 | 5.2.1
Vade Retro AntiSpam | 5.0.0 | 5.0.0 | 5.0.0
Varonis | 5.0.0 | 5.0.0 | 5.0.0
Vectra AI | 5.0.0 | 5.0.0 | 5.0.0
Veritas | 5.0.2 | 5.0.2 | 5.0.2
VeriSecFreja | 5.0.0 | 5.0.0 | 5.0.0
Vmware ESX/ESXi | 5.0.2 | 5.0.2 | 5.0.2
vShield Edge LoadBalancer | 5.0.2 | 5.0.2 | 5.0.2
Wallix | 5.0.0 | 5.0.0 | 5.0.0
WatchGuard Firewall | 5.0.1 | 5.0.1 | 5.0.1
Web Analytics | 5.0.0 | 5.0.0 | 5.0.0
Websense | 5.2.0 | 5.2.0 | 5.2.0
Windows | 5.4.4 | 5.4.5 | 5.4.6
XML Compiled Normalizer | 5.0.0 | 5.0.0 | 5.0.0
Zeek | 5.0.0 | 5.0.0 | 5.0.0
Zertificon | 5.0.0 | 5.0.0 | 5.0.0
Zscaler | 5.1.0 | 5.1.0 | 5.1.0

To install any other application, you can download the latest version of the application and import the .pak file from the Applications page in LogPoint.

You can view version-based changes in the application’s Release Notes.

