Mideye

Release Details

Package Details

The application consist of the following components:

1. Dashboard Package
   
   • LP_Mideye 
2. Normalization Package
   • LP_Mideye

Usage Information  

Once successfully installed, the corresponding normalization package is available and can be used in any normalization policy as per need.

Enhancement

A minor update has been done in the application’s normalizer for better signature handling.

General Description

The Mideye application normalizes Mideye events and enables you to analyze Mideye data using pre-set dashboard views. You can further customize the dashboard and searches to perform in-depth analysis.

Installation 

Follow these steps to install the Mideye v5.0.0 plugin:

1. Download the Mideye package from the Download section above.
2. Add the required Mideye as a device in LogPoint.
3. Create a collection policy with the Syslog collector and appropriate processing policy. 
4. Assign the policy to the device.
5. Add the dashboard.

Supported Version

The supported versions of Mideye with LogPoint in this configuration are:

• Mideye v4.3.x

Log Format

Expected Log Format

Mideye

Log Samples

<135>DEBUG Establishing a socket to: 1.1.1.1:23110

<134> INFO Processing request for IP '/1.1.1.1', Ignore NAS IP: 'true', RADIUS port: '1111'

<134> INFO Password has expired and must be changed by user: 'abababa'

<132> WARN Invalid password for user 'abababa'

To export data to LogPoint use Syslog collector on port 514 on the LogPoint server.

Support

If you have any queries or require assistance, please feel free to contact our support team: 

Email: servicedesk@logpoint.com
Phone: +45 7060 6100

Best regards,