Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace

RSA SecurID

Avatar Permanently deleted user
December 11, 2024 08:06
Follow
app-115003783845.png

 

Release Details

Fields

Details

Name

RSA SecurID

Version

5.0.0

Supported On

LogPoint v6.0.0 and later

Release Date

2020-05-14

Document Date 2020-05-14
Download RSASecurID_5.0.0.pak
SHA256  

591b202571fbb9bf6f193fe5025f64857bbdb230ceeb80e6437487c1a22b4eb7

 

Package Details

The application consist of the following components:

  1. Dashboard Packages
    • LP_RSA SecurID Admin and System 
    • LP_RSA Authentication Failure Events 
    • LP_RSA SecurID Runtime 
  2. Alert Packages
    • LP_RSA SecurID Authentication Fail 
    • LP_RSA SecurID NextTokenCode Activation
    • LP_RSA SecurID Account Lockout 
    • LP_RSA SecurID Passcode Reuse 
  3. Normalization Package
    • LP_RSA SecurID 
  4. Label Package
    • LP_RSA SecurID 

Enhancement

A minor update has been done in the application’s normalizer for better signature handling.

General Description

The RSA SecurID application normalizes RSA SecurID events and enables you to analyze RSA SecurID data using pre-set dashboard views. You can further customize the dashboard and searches to perform in-depth analysis.

Installation 

Follow these steps to install the RSA SecurID v5.0.0 plugin:

  1. Download the RSA SecurID package from the Download section above.
  2. Add the required RSA Authentication Manager server as a device in LogPoint.
  3. Create a collection policy with the Syslog collector and appropriate processing policy. 
  4. Assign the policy to the device.
  5. Add the dashboard.

Supported Version

The supported versions of RSA SecurID with LogPoint in this configuration are:

  • RSA SecurID Appliance 130
  • RSA SecurID Appliance 250

Log Format

Expected Log Format

RSA Runtime Format

Log Sample

6<14>2015-10-28 10:56:48,701, , audit.abc.com.rsa.ims.authn.impl.AuthenticationBrokerImpl, INFO, d4b742f06908a8cxxxxxxxxxxxx,xxxxxxxxxxxa8c008dce51d948e2f01,1.1.1.1,1.1.1.2,AUTHN_LOGIN_EVENT,13002,SUCCESS,AUTHN_METHOD_SUCCESS,428bfc456908a8c01f84d58b185b9c67-I55ViWb+ys8h,08930b6e6908a8c0032fe23b3e6826da,2b86e2046908a8c004090b8bfc567cb8,000000000000000000001000e0011000,BL,xxxxxxxxxx,xxxxxxxxxxxx,2c4a02996908a8c00293377dc18e4ba6,000000000000000000001000e0011000,2.2.2.2,BE-JPR-SA-1-OSS,7,000000000000000000002000f1022001,OnDemand,,,AUTHN_LOGIN_EVENT,5,1,,,,,069c21666908a8c01f4bc9f56a32f1e2,+32 498511036,,

Expected Log Format

RSA Admin

Log Sample

<14>2015-10-28 09:26:11,275, , audit.abc.com.rsa.ims.admin.impl.PrincipalAdministrationImpl, INFO, d4e793186908a8c01f74a2xxxxxxxxx,xxxxxxx6908a8c008dce51d948e2f01,1.2.2.2,1.3.3.3,UPDATE_PRINCIPAL,10055,SUCCESS,,3ebdba626908a8c01f2411219645f6e4-5MjikYi9ovWi,,a69439dc6908a8c0041703aeb0ce744b,2b86e2046908a8c004090b8bfc567cb8,000000000000000000001000e0011000,JNJ,Jaxxxxxxxx,Jaxxxxxxx,PRINCIPAL,02accb106908a8c01f7b0d53c9934088,2b86e2046908a8c004090b8bfc567cb8,000000000000000000001000e0011000,EBERG,,,,,,

Expected Log Format

RSA System

Log Sample

<12>2015-10-02 00:00:05,855, , system.com.rsa.ims.criticalnotification.impl.CriticalNotificationAdministrationImpl, WARN, b58e80050886500a1b1e0xxxxxxxx,xxxxxxxxxx00a0801e36fa92fae56,,1.1.1.1,CRITICAL_NOTIFICATION,16350,WARN,,,,,,,,,"Your deployment is at risk. A backup has not been created successfully in the last 7 days. Log on to the Operations Console, and select ""Backup and Restore > Back Up Now"" or ""Backup and Restore > Schedule Backups"".",,,,,,

To export data to LogPoint use Syslog collector on port 514 on the LogPoint server.

Support

If you have any queries or require assistance, please feel free to contact our support team: 

Email: servicedesk@logpoint.com
Phone: +45 7060 6100

Best regards,
untitled.svg

Comments

Article is closed for comments.

Related articles

  • Rubrik
  • PRTG Network Monitor
  • Rhebo
  • Netapp Filer FAS3240
  • CheckPoint Firewall
Was this article helpful?
0 out of 0 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.