Logpoint Agent (Centralized), previously known as Logpoint Agent Collector, is a policy-driven log collection agent managed directly from the Logpoint SIEM. All lifecycle operations, including configuration, policy updates, and rollouts, are handled centrally, ensuring uniform behavior across all deployed agents. Its core capabilities include centralized configuration, consistent policy enforcement, and streamlined administration through the SIEM interface. It is best suited for environments that prefer predictable configurations, simplified management, and do not require high-throughput or load-balanced event handling.
Logpoint Agent (Centralized) Features
Event Log Collection
Flat File Collection
File Integrity Scanning
Windows Registry Scanning
Granular Event Filtering
Central Configuration
Log Position Tracking
Logpoint Agent (Centralized) Components
Collectors
Logpoint Agent Collector Powered by NxLog
LPACollectorServiceMonitor
Normalization Package
LP_Integrity Scanner
Window Installer
Logpoint Agent for Windows
Logpoint provides three agent options to support different deployment requirements: Logpoint Agent (Standalone), Logpoint Agent (Centralized), and AgentX. Each option offers distinct capabilities, ranging from scalable log collection to centrally managed configuration and endpoint detection. Use the following guidance to determine when Logpoint Agent (Centralized) is the most appropriate choice for your environment, and when to consider the alternative options.
Logpoint Agent (Standalone) is an independent, high-performance log collector designed for most production deployments. It supports high event throughput, load balancing, and standard UDP/TCP Syslog forwarding without requiring centralized control. This makes it well-suited for complex, distributed, or dynamic environments where scalability and resilience are essential.
Use Logpoint Agent (Standalone) when:
You need high-volume log collection.
The environment includes distributed, unstable, or intermittently connected networks.
Deployments require load balancing or support for high events-per-second (EPS).
Devices operate across NAT or variable IP addressing.
Avoid using Logpoint Agent (Standalone) when centralized configuration and policy management are mandatory. For environments that require central control, use Logpoint Agent (Centralized).
Logpoint Agent (Centralized) enables policy-driven log collection managed directly from the Logpoint SIEM. All agent lifecycle tasks, including configuration, policy updates, and rollouts, are administered centrally, ensuring consistent behavior across deployed agents.
Consider Logpoint Agent (Centralized) for:
Environments that prioritize consistent configuration and simplified administration.
Smaller or static deployments that do not require high throughput.
Scenarios where centralized policy enforcement is critical.
Avoid Logpoint Agent (Centralized) when devices must handle high event throughput, rely on load balancing, or operate with variable addressing. For these requirements, use Logpoint Agent (Standalone).
AgentX is a lightweight endpoint agent designed for detection and response. It provides enhanced endpoint visibility and supports actions such as containment and remediation, but is not intended for large-scale log collection.
Use AgentX for:
Endpoint detection and response (EDR).
Containment and remediation workflows.
Lightweight telemetry collection tied to security operations.
Do not use AgentX when high-volume log collection, NAT handling, or variable IP support is required. For scalable log forwarding, use Logpoint Agent (Standalone).