
ClearSwift

December 11, 2024 09:12

Release Details

Name:            ClearSwift
Version:         5.0.0
Supported On:    LogPoint v6.0.0 and later
Release Date:    2020-05-14
Document Date:   2020-05-14
Download:        ClearSwift_5.0.0.pak
SHA256:          87ff5eff43f957b544d2ad3e13f549fdd01b31fed6df5951e78be8c5fc94afef


Package Details

The application consists of the following components:

  1. Dashboard Package
    • LP_Clearswift SEG: Top 10 Senders and Recipients 
  2. Normalization Packages
    • LP_Clearswift SEG  
    • LP_Clearswift SWG 
    • LP_Clearswift SEG Generic 
  3. Search Templates
    • LP_Inbound Mail Activities 
    • LP_Outbound Mail Activities 

Enhancement

The application’s normalizer received a minor update for better signature handling.

General Description

The Clearswift application normalizes Clearswift SEG events and enables you to analyze Clearswift SEG data using pre-set dashboard views. You can further customize the dashboard and searches to perform in-depth analysis.

Installation 

Follow these steps to install the Clearswift v5.0.0 plugin:

  1. Download the Clearswift package from the Download section above. 
  2. Add the required Clearswift server as a device in LogPoint.
  3. Create a collection policy with the Syslog collector and appropriate processing policy. 
  4. Assign the policy to the device.
  5. Add the dashboard.

Supported Versions

The supported versions of Clearswift with LogPoint in this configuration are:

  • Clearswift SEG v3.x
  • Clearswift SEG v4.x

Log Formats

Expected Log Format: Inbound Mail Sender Log

Log Samples:

<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqNh021101: <-- MAIL FROM:<abc@xyz.com> SIZE=11966

Aug 17 11:29:56 sm-inbound[32401]: t7H9Tta8032401: <-- MAIL From:<abc@xyz.com> SIZE=5867 BODY=8BITMIME

Expected Log Format: Inbound Mail Recipient Log

Log Samples:

<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqMh021101: <-- RCPT TO:<abc@xyz.com> ORCPT=rfc822;abc@lp.com

Aug 17 11:30:10 sm-inbound[32401]: t7H9Tta8032401: <-- RCPT To:<abc@xyz.com> ORCPT=rfc822;abc@xyz.com

Expected Log Format: Outbound Mail Sender Log

Log Samples:

<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> MAIL From:<g-9005764543-6096-751094688-1446118796472@service.xyz.com> SIZE=90663

Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> MAIL From:<138440.349835194@xyz.com> SIZE=20790

Expected Log Format: Outbound Mail Recipient Log

Log Samples:

<22>1 2015-10-29T11:40:07Z p1mail.abc.xyzn.com mail - - - sm-outbound[17545]: t9TBe2kJ017431: >>> RCPT To:<user@xyzn.com>

Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> RCPT To:<abc@xyz.com>

To export data to LogPoint, use the Syslog collector on port 514 on the LogPoint server.
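
The sample lines above carry the same sendmail-style payload behind two different syslog headers. The following Python parser is an added example, not Logpoint's normalizer; the field names and the functions parse and top_addresses are this example's own. It extracts the fields from either header style and reproduces a per-direction address count like the one the dashboard shows:

```python
import re
from collections import Counter

# Matches the mail payload only; the syslog header (RFC 5424 or BSD style) is skipped.
EVENT = re.compile(
    r"sm-(?P<direction>inbound|outbound)\[(?P<pid>\d+)\]:\s+(?P<queue_id>\w+):\s+"
    r"(?:<--|>>>)\s+(?P<command>MAIL|RCPT)\s+(?:FROM|TO):<(?P<address>[^>]*)>(?P<params>.*)$",
    re.IGNORECASE,
)

def parse(line):
    """Return a dict of fields (names are this example's own), or None if no match."""
    m = EVENT.search(line)
    if m is None:
        return None
    # ESMTP parameters such as SIZE=, BODY= and ORCPT= follow the address.
    pairs = (p.split("=", 1) for p in m["params"].split() if "=" in p)
    params = {key.upper(): value for key, value in pairs}
    size = params.get("SIZE", "")
    return {
        "direction": m["direction"].lower(),
        "role": "sender" if m["command"].upper() == "MAIL" else "recipient",
        "address": m["address"],  # empty string for a null sender, MAIL FROM:<>
        "queue_id": m["queue_id"],
        "size": int(size) if size.isdecimal() else None,
        "params": params,
    }

def top_addresses(lines, direction, role, n=10):
    """Count addresses for one direction and role, skipping lines that do not parse."""
    events = (e for e in map(parse, lines) if e)
    counts = Counter(e["address"] for e in events
                     if e["direction"] == direction and e["role"] == role)
    return counts.most_common(n)

# Five sample lines copied from this page, plus one constructed non-mail line.
SAMPLES = [
    "<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqNh021101: <-- MAIL FROM:<abc@xyz.com> SIZE=11966",
    "Aug 17 11:29:56 sm-inbound[32401]: t7H9Tta8032401: <-- MAIL From:<abc@xyz.com> SIZE=5867 BODY=8BITMIME",
    "<22>1 2015-10-29T11:40:52Z p1mail.abc.xyzn.com mail - - - sm-inbound[21101]: t9TBeqMh021101: <-- RCPT TO:<abc@xyz.com> ORCPT=rfc822;abc@lp.com",
    "Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> MAIL From:<138440.349835194@xyz.com> SIZE=20790",
    "Aug 17 10:42:06 sm-outbound[27319]: t7H8fjLq026622: >>> RCPT To:<abc@xyz.com>",
    "Aug 17 10:42:07 sshd[100]: constructed line that is not a mail event",
]

if __name__ == "__main__":
    print(top_addresses(SAMPLES, "inbound", "sender"))
```

Lines that do not match return None instead of raising, so unrelated syslog traffic on the same port does not interrupt the count.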

Support

If you have any queries or require assistance, please feel free to contact our support team:

Email:             servicedesk@logpoint.com

Phone:           +45 7060 6100

Best regards,

 

Comments

  • Daniel Hainich
    June 13, 2018 13:27

    Hi, the dashboard isn't working because there are labels defined, but there is no label package and the logs are not labeled. What do I have to do?
