circle-info
Welcome to the new Logpoint documentation portal! Can’t find what you’re looking for?
Logpoint Documentationarrow-up-right
search

User Configuration

hashtag
Change User Password

An admin must change the default password after they log in for the first time.

The default password is as follows:

Username: admin
Password: changeme
chevron-rightChanging a User's Passwordhashtag

  1. Go to Settings >> User Accounts from the navigation bar and click Users.

Users list

  1. Click the Change Password icon in Actions.

  2. Enter a New Password and re-enter it.

  3. Click Submit.

hashtag
User Preferences

User Preferences allows you to customize your Logpoint experience through account and interface settings. Manage your personal details, passwords, time zone preferences, and API access keys under Account settings. Configure your User Interface by adjusting pagination limits, enabling context-sensitive help and live searches, controlling notification positions, customizing search help options, selecting visible log fields, and applying Dark Mode to suit your workflow and preferences.

chevron-rightViewing Personal Detailshashtag

  1. In the navigation bar, go to User >> My Preferences.

Preferences dropdown

  1. In Account >> User Details, view your username and password settings.

chevron-rightChanging Logpoint Password hashtag

If you are using a different authentication than Logpoint, password cannot be changed.

  1. In the navigation bar, click My Preferences.

  2. In Account >> Change Password, enter your current password.

  3. Enter the New Password.

  4. Click Change Password.

hashtag
Date and Time Preferences

Users view logs according to their time zone. For example, a user in Denmark viewing logs collected in England will see the logs in the Danish time zone (UTC +1). The default timezone is UTC.

Logs are collected in UTC irrespective of the timezone you apply. The timezone changed from the UI is for the specific user in Logpoint and will not change the timezone of the Logpoint server.

circle-exclamation

Do not change the Logpoint server timezone from the CLI, as this impacts timestamp recording. Changing the server timezone can cause logs to be stored in the future or past, leading to delays or missing logs.

chevron-rightChanging Date/Time Preferenceshashtag

  1. In the navigation bar, click My Preferences.

  2. In Account >> Date/Time Preference, select time zone, date format, and time format.

hashtag
API Access Key

The API Access Key is a unique identification for each user. Use it to access the API endpoints Logpoint exposes. Copy your automatically generated key from your user preferences, or generate a new key.

chevron-rightCopying the API Access Keyhashtag

  1. In the navigation bar, click My Preferences.

  2. Locate the API Access Key and click the Copy icon to copy it to the clipboard.

API Access Key
chevron-rightGenerating a new API Access Keyhashtag

  1. In the navigation bar, click My Preferences.

  2. Click the Refresh icon to generate a new key, then click the Copy icon to copy it to the clipboard.

API Access Key

hashtag
Lists and Search Pagination

When you apply pagination, it controls all lists and results. You can't apply different limits.

chevron-rightChanging Paginationhashtag

  1. In the navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Page Size Configuration, enter or select the number of results to list.

hashtag
Context Sensitive Help

You can turn off or on context sensitive help for all Logpoint UI entities, such as User Accounts, Configuration, Knowledge Base, and System Settings.

hashtag
Live Searches

chevron-rightTurning on or off Live Searcheshashtag

  1. In the Navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Dashboard Behaviour>> Pre Compute Dashboard Data, turn on or turn off.

hashtag
Notifications Position

Notification position lets you choose where automatic alerts display on your screen. Pick a placement that fits your workflow and keeps notifications visible and easy to access.

chevron-rightSelecting Notifications Positionhashtag

  1. In the Navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Growl Notification Position, select one of the following:

    1. Top Left

    2. Top Right

    3. Bottom Left

    4. Bottom Right

hashtag
Search Help Preferences

In Search Help,

  • Use Search Help Pop-up to get search assistance as you type keywords.

  • Display or hide the histogram on the Search page.

  • Display or hide the Interesting Fields on the Search page.

chevron-rightTurning on or off Search Help Preferenceshashtag

  1. In the Navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Search Help, turn on or turn off:

    1. Display Search Help Pop-up

    2. Hide Histogram in Search Page

    3. Disable Interesting Fields in Search Page

hashtag
Log Fields to Display in Search Results

You can choose which log fields appear in search results to control the level of detail displayed.

chevron-rightSelecting Search Log Fieldshashtag

  1. In the Navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Search Log Fields, click:

    1. Display All to display all log fields.

    2. Display Minimum to only show log_ts, device_ip, device_name, col_type, source_name and repo_name.

    3. Custom enter the fields to hide.

hashtag
Dark Mode

Dark Mode switches the interface from the default light background to a dark theme.

chevron-rightSwitching to Dark Modehashtag

  1. In the Navigation bar, click My Preferences.

  2. Click User Interface.

  3. In Enable Dark Mode, turn it on or turn it off.

hashtag
Setup SSH Key Pair for li-admin

After installing Logpoint, access it through the command line using the li-admin username. To establish an SSH connection, the li-admin user requires an SSH key pair, which can be generated using either the Logpoint UI or the command line.

Once the SSH connection is established, authenticate to Logpoint using either a password or an SSH key pair.

circle-info

For Windows Users: If you're using PuTTY on Windows, you must first convert the SSH key into a PuTTY-compatible format using PuTTYgen.

chevron-rightSetup SSH Key Pair from the UIhashtag

  1. Login as an Admin user.

  2. Go to Settings >> System Settings from the navigation bar and click System Settings.

  3. Select SSH Key Pair for li-admin.

  4. Enter a Passphrase.

  5. Click Regenerate Key Pair.

  6. Click the copy icon.

  7. On your device, navigate to the ~/.ssh folder.

  8. Change the permission of the private key file.

  9. Use SSH to connect to Logpoint:

  10. Enter the Passphrase to establish the SSH connection from the remote device.

chevron-rightSetup SSH Key Pair from the Command Linehashtag

  1. Create an SSH pair in Logpoint.

  2. Copy the public key to authorized keys.

  3. Move the newly created private key to a remote machine. You can use SCP to do this.

  4. Change the permission of the private key file.

  5. Use SSH to connect to your Logpoint.

hashtag
Lockout Policy

A lockout policy enhances security by temporarily restricting access to user accounts after multiple failed login attempts. It defines two key parameters: the maximum number of unsuccessful login attempts permitted and the duration for which the account remains locked. Administrators can monitor locked accounts through the user list, where locked users are clearly marked, and can manually unlock accounts when needed.

chevron-rightAdding a Lockout Policyhashtag

  1. Go to Settings >> System Settings from the navigation bar and click System Settings.

  2. In System Settings, click Lockout Policy.

  3. Click Lockout Threshold and select or enter the number of unsuccessful attempts a user has. The default is 5 times.

  4. In Lockout Duration (minutes) and select or enter how long a user is locked out. The default is 30 minutes.

  5. Click Save Changes.

hashtag
Unlocking Users

When users are locked out of Logpoint SIEM due to failed login attempts, they appear in the User List with a distinct icon next to their username. Only administrators can unlock these users, allowing them to restore access and enable locked users to log back into the system.

chevron-rightUnlocking Usershashtag

  1. Go to Settings >> User Accounts from the navigation bar and click Users.

  2. Find the users in the list who is locked.

  3. Click the Unlock icon next to their name.

  4. Click Submit.

Last updated

Was this helpful?