Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
app-115003781965.png

Aruba

Aruba for the Logpoint SIEM allows you to monitor and identify threats in your organization. Logpoint aggregates and normalizes the Aruba OS and Aruba Clearpass  logs so you can analyze the information through dashboards. Aruba's dashboard provides visualization of event details for users, servers, and stations authentication requests, access points, traffic analysis, potential issues or failures, and security information detected in your network. 

Release Details
Version: 5.1.0
Release date: April 25, 2024
Supported On: Logpoint v7.4.0 or later for log source template
SHA 256: 5cabe50cc49854c982360944b1c396ca4b6824d6bf2ca44b9cfae232707eb004
Download

Package Details

Aruba components:

  1. Dashboard Packages
    • LP_Aruba OS: Security 
    • LP_Aruba OS: User 
  2. Normalization Packages
    • LP_ArubaOS 
    • LP_ArubaOS Generic
    • LP_Aruba Clear Pass Debug
    • LP_Aruba SNMP Trap
    • LP_Aruba Clear Pass
    • LP_Aruba Airwave
    • LP_Aruba WLAN Controller
    • LP_ArubaOS Generic
    • LP_Aruba Master
    • LP_ArubaOS 
  3. Compiled Normalizers 
    • ArubaOSCompiledNormalizer 
    • ArubaClearPassCompiledNormalizer 

 

 

 

Enhancement

Description Issue ID Reference ID
Added Syslog Collector based Aruba log source template, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template.

KB-23285

 -

Past Release

Aruba v5.0.2

Release Date: July 21, 2021

Supported On: Logpoint 6.7.0 or later

Download: ArubaOS_5.0.2.pak

SHA256: c38ec0190552946c6a25bf465f01835930a1bc1a74867e2582f215784f1b0fab

Enhancement

Description
Issue ID
Zendesk Support ID
New signatures have been added in the normalization package LP_Aruba Clear Pass for the Aruba ClearPass logs. KB-13221 56222

 

Screenshot - Sample Dashboard

aruba.png

 

Supported Devices

  • ArubaOS
  • Aruba ClearPass

Log Formats

Expected Log Format

Aruba ClearPass LEEF 

Log Sample

Sep 01 2019 11:51:36.347 CEST 10.11.135.11 LEEF:1.0|Aruba Networks|ClearPass|6.6.5.93747|3006|messageId=2112064-1-0 Common.Username=xxxxxxxxx RADIUS.Auth-Method=EAP-MD5 Common.Host-MAC-Address=000000000060 Common.Roles=AZA Toegangscontrole Controllers, [User Authenticated] Common.System-Posture-Token=UNKNOWN Common.Enforcement-Profiles=[Update Endpoint Known], AZA VLAN Toegangscontrole Common.Request-Timestamp=2019-09-01 11:49:45+02 src=1.1.1.1 devTimeFormat=MMM dd yyyy HH:mm:ss.SSS z cat=Session Logs''' 

Expected Log Format

Aruba Syslog 

Log Sample

<142>Sep 18 08:35:08 2015 LP-Local1 authmgr[1613]: <522044> <INFO> <LP-Local1 1.1.1.1> MAC=xx:xx:xx:xx:xx:xx Station authenticate(start): method=1111x-User, role=LP-Employee-Role///LP-Initial-Role, VLAN=111/111, Derivation=2/1, Value Pair=1, flag=0x2 

Aruba v5.0.1

Enhancement

A minor update to the Aruba's normalizer which improves signature handling

 

Aruba v3.3.0

Release Date: May 17, 2018

Supported On: Logpoint 5.2.0 or later

Download: Aruba_3.3.0.pak

SHA256: d73b66dc89c9b1092c40080e3480c389c9c55c284f8ddbe098c5bd6dc6f2bd80

Enhancement

A minor update to the Aruba's normalizer which improves signature handling


Support

If you have any questions or require assistance, create a support ticket.

 

Comments

Article is closed for comments.

Follow

Related articles

  • FortiGate
  • Office365
  • Stormshield
  • Silverfort
  • Azure Blob Integration
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.