Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace

Muninn

Avatar Prithul Pokhrel
March 25, 2025 10:37
Follow
default.png

Muninn

The Muninn Network Detection and Response (NDR) platform enables you to forward Muninn notifications to Logpoint, where you can view and work with them as Logpoint-based incidents. 

You need to download Muninn, configure it as a Log Source in Logpoint and then configure the integration in Muninn.

Logpoint recommends that before you start Muninn and Logpoint, you perform a 2-step test to make sure the integration works.

 

 

Release Details
Version: 1.0.2
Release date: March 25, 2025
Supported On: Logpoint v7.6.0
SHA 256: 7879111ba3d72784c64f86801a338abefe9c7bd0c8bc3850237f14476270746d
Download 

 

Package Details

  1. Dashboard Package
    • LP_Muninn 
  2. Compiled Normalizer
    • MuninnCompiledNormalizer 
  3. Collector
    • MuninnCollector
  4. Search Template
    • LP_Muninn
  5. Log Source Template
    • Muninn

Enhancement

Description

IssueID

Reference ID

Muninn is now compatible with Logpoint 7.6.0.

-

 -

 

Installation

To install Munin:

1. Click Download and install Muninn.

2. Login to Logpoint and Muninn.

3. In Logpoint, go to the Navigation Bar and click Log Sources.

4. Click Add Log Source at the top right.

5. In Add Log Source, search for Muninn and double-click it to select.

6. Click Source and then click Generate Token. This is the token that Logpoint uses to authenticate the integration with Muninn. Click the copy icon to copy it.

7. Click Routing to create repos and routing criteria for Muninn. Repos are locations where incoming logs are stored and routing criteria are created to determine the conditions under which these logs are sent to repos.

8. Click Create Log Source.

Note: Once Muninn and Logpoint are integrated, notifications from Muninn are automatically forwarded to Logpoint. Muninn incidents are also triggered automatically without configuring the alerts in Logpoint. 

9. Go to Muninn.

10. Click the Settings icon.

11. In the drop-down, click Logpoint Integration Configuration.

12. In Notification Forwarding, click the green Plus icon.

13. Enter a Name for the Logpoint configuration.

14. In Host, enter your Logpoint’s IP/Host address.

15. In API Key, paste the key you copied when you created the Log Source.

16. In Sensor Nickname enter or type a name for the sensor. This name is displayed as incident data to inform you that the incident came from Muninn.

17. In Notification Subscriptions, select the severity level of the incident. Do you want Muninn to forward incidents with a High, Medium and/or Low severity level? 

18. Click Test. If you see a confirmation message, the connection works.

19. Click Create.

 

User Account Management

Users in the "Logpoint Administrator" user group can view Muninn Incidents by default. However, for other users to see the incidents, a Logpoint Administrator needs to:

  1. Create a Logpoint User Group called "Muninn Alerts".
  2. Add all relevant users to that group. 

Viewing Muninn incidents is limited to those users who belong to the groups "Logpoint Administrator" and "Muninn Alerts". To learn more about Logpoint user groups,  go to Adding a User Group. 

 

Testing 

To confirm Logpoint is receiving data from Muninn and creating incidents:

1. In Muninn, go to the Notifications dashboard.

2. The Category column has the name of the incident. Note down the name, and then in the address bar, copy the incident ID.

3. Click the Settings icon.

4. Click the edit icon for the Logpoint configuration you created.

5. In Test Notification, paste the incident number you copied.

6. Click Test. If you see a confirmation message, the incident was sent to Logpoint.

7. Go back to Logpoint.

8. In the navigation bar, click Incidents.

9. In the Filter sidebar, enter the name of the incident to find it.

10. Click Incident details to confirm the ID of the incident is the same as the one you tested in Muninn.

11. Scroll to the right.

12. The MUNINN REDIRECTION column lists the links back to the Muninn-based incident. Click the Investigate link. You are redirected back to Muninn where you can get more details about the incident.



Past Releases

Muninn v 1.0.1

Version: 1.0.1
Release date: December 23, 2024
Supported On: Logpoint 7.5.0
SHA 256: ec5e8f939b59fabeb97ba5641c2054c82fcec08b12846a808822e48dcaa37896
Download 

 

 

Muninn v 1.0.0

Release date: November 26, 2024
Supported On: Logpoint 7.5.0
SHA 256: 689a6594129729cb1be22a4b1816e1ac6e9929df957c39843861c414a511320f
Download: Muninn_1.0.0.pak

 

 

Support

If you have any questions or require assistance, create a support ticket.

Comments

Article is closed for comments.

Related articles

  • Stix/Taxii
  • Connectivity issue in HDFS after updating IP address and hostname on fabric servers
  • NXLog Enterprise
Was this article helpful?
0 out of 0 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.