Release Details
Fields | Details |
---|---|
Name | ClearSwift |
Version | 5.0.0 |
Supported On | LogPoint v6.0.0 and later |
Release Date | 2020-05-14 |
Document Date | 2020-05-14 |
Download | |
SHA256 | 87ff5eff43f957b544d2ad3e13f549fdd01b31fed6df5951e78be8c5fc94afef |
Package Details
The application consists of the following components:
- Dashboard Package
  - LP_Clearswift SEG: Top 10 Senders and Recipients
- Normalization Packages
  - LP_Clearswift SEG
  - LP_Clearswift SWG
  - LP_Clearswift SEG Generic
- Search Templates
  - LP_Inbound Mail Activities
  - LP_Outbound Mail Activities
Enhancement
The application's normalizer has received a minor update for better signature handling.
General Description
The Clearswift application normalizes Clearswift SEG events and enables you to analyze Clearswift SEG data using pre-set dashboard views. You can further customize the dashboard and searches to perform in-depth analysis.
Installation
Follow these steps to install the Clearswift v5.0.0 plugin:
- Download the Clearswift package from the Download section above.
- Add the required Clearswift server as a device in LogPoint.
- Create a collection policy with the Syslog collector and appropriate processing policy.
- Assign the policy to the device.
- Add the dashboard.
Supported Versions
The supported versions of Clearswift with LogPoint in this configuration are:
- Clearswift SEG v3.x
- Clearswift SEG v4.x
Log Formats
Expected Log Format
Inbound Mail Sender Log
Log Samples
<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqNh021101: <-- MAIL FROM:<abc@xyz.com> SIZE=11966
Aug 17 11:29:56 sm-inbound[32401]: t7H9Tta8032401: <-- MAIL From:<abc@xyz.com> SIZE=5867 BODY=8BITMIME
Expected Log Format
Inbound Mail Recipient Log
Log Sample
<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqMh021101: <-- RCPT TO:<abc@xyz.com> ORCPT=rfc822;abc@lp.com
Aug 17 11:30:10 sm-inbound[32401]: t7H9Tta8032401: <-- RCPT To:<abc@xyz.com> ORCPT=rfc822;abc@xyz.com
Expected Log Format
Outbound Mail Sender Log
Log Samples
<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> MAIL From:<g-9005764543-6096-751094688-1446118796472@service.xyz.com> SIZE=90663
Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> MAIL From:<138440.349835194@xyz.com> SIZE=20790
Expected Log Format
Outbound Mail Recipient Log
Log Samples
<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> RCPT To:<user@xyzn.com>
Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> RCPT To:<abc@xyz.com>
To export data to LogPoint, use the Syslog collector on port 514 on the LogPoint server.
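The four log types above share one layout, so a single pattern can parse them and the ID before the direction arrow can tie a sender line to its recipient lines. The following is an added example, not LogPoint's normalizer: the field names are hypothetical, and treating that ID as a per-message queue ID shared by MAIL and RCPT lines is an assumption based on the samples.

```python
import re
from collections import defaultdict

# Constructed input: four of the sample lines shown on this page.
SAMPLES = [
    "<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> MAIL From:<g-9005764543-6096-751094688-1446118796472@service.xyz.com> SIZE=90663",
    "<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> RCPT To:<user@xyzn.com>",
    "Aug 17 11:29:56 sm-inbound[32401]: t7H9Tta8032401: <-- MAIL From:<abc@xyz.com> SIZE=5867 BODY=8BITMIME",
    "Aug 17 11:30:10 sm-inbound[32401]: t7H9Tta8032401: <-- RCPT To:<abc@xyz.com> ORCPT=rfc822;abc@xyz.com",
]

# Optional header: RFC 5424 "<PRI>1 timestamp host" or BSD "Mon DD HH:MM:SS".
HEADER = re.compile(r"^(?:<(?P<pri>\d{1,3})>1 (?P<ts5424>\S+) (?P<host>\S+) "
                    r"|(?P<ts3164>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) )")
EVENT = re.compile(
    r"sm-(?P<direction>inbound|outbound)\[(?P<pid>\d+)\]: (?P<queue_id>\w+): "
    r"(?:<--|>>>) (?P<command>MAIL|RCPT) (?:FROM|TO):<(?P<address>[^>]*)>(?P<params>.*)$", re.IGNORECASE)

def parse_line(line):
    """Return a dict of (hypothetical) fields, or None if not a MAIL/RCPT event."""
    m = EVENT.search(line)
    if m is None:
        return None
    ev = {k: m[k] for k in ("pid", "queue_id", "address")}
    ev["direction"] = m["direction"].lower()
    ev["command"] = m["command"].upper()
    # Trailing ESMTP parameters such as SIZE=, BODY= and ORCPT=.
    ev["params"] = dict(p.split("=", 1) for p in m["params"].split() if "=" in p)
    h = HEADER.match(line)
    if h:
        ev["timestamp"] = h["ts5424"] or h["ts3164"]
        ev["host"] = h["host"]  # None for the BSD-style samples, which carry no host
        if h["pri"]:  # PRI = facility * 8 + severity, so 22 is mail (2) / info (6)
            ev["facility"], ev["severity"] = divmod(int(h["pri"]), 8)
    return ev

def correlate(lines):
    """Group events per queue ID (assumed shared by one message's MAIL and RCPT lines)."""
    msgs = defaultdict(lambda: {"sender": None, "recipients": [], "size": None})
    for ev in filter(None, map(parse_line, lines)):
        msg = msgs[ev["queue_id"]]
        msg["direction"] = ev["direction"]
        if ev["command"] == "MAIL":
            size = ev["params"].get("SIZE", "")
            msg["sender"] = ev["address"]
            msg["size"] = int(size) if size.isdigit() else None
        else:
            msg["recipients"].append(ev["address"])
    return dict(msgs)
```

Running `correlate(SAMPLES)` yields one record per message with its sender, recipient list, size and direction, which is the shape a sender/recipient ranking needs.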
Support
If you have any queries or require assistance, please feel free to contact our support team:
Email: servicedesk@logpoint.com
Phone: +45 7060 6100
Best regards,
Hi, dashboard isn't working because there are labels defined, but there is no label-package and the logs are not labeled. What do I have to do?