Balabit normalizes Balabit events and enables you to analyze Balabit data. You can further customize the searches to perform in-depth analysis.
Release Version: 5.0.0
Release Date: May 14, 2020
Supported On: Logpoint v6.0.0 and later
Download: Balabit_5.0.0.pak
SHA256: d991ce7e49bdd27bbec5e62dee691f0d0b9dabc020bc3b44c4c6e6b8ef58717d
Package Details
Balabit consists of the following component:
- Normalization Package
  - LP_Balabit Shell Control
Enhancement
The application’s normalizer received a minor update for better signature handling.
Installation
Follow these steps to install the Balabit v5.0.0 plugin:
- Download the .pak file from the Download link above.
- Add the required Balabit as a device in Logpoint.
- Create a collection policy with the Syslog collector and an appropriate processing policy.
- Assign the policy to the device.
Supported Version
The supported version of Balabit with Logpoint in this configuration is:
- Balabit Shell Control Box 5.0.2
Configuration Of Sources
Log Sample
<78>Oct 24 10:33:01 logpoint.com CRON[3539]: (root) CMD ( (cd /opt/scb/bin; /opt/scb/bin/check-disk-full.php -r 80))
To export data to Logpoint, use the Syslog collector on port 514 on the Logpoint server.
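The log sample above, parsed field by field as an added example (not Logpoint's normalizer or code from this package): it decodes the syslog PRI value and splits the cron message, which helps when checking that forwarded lines have the expected shape. The helper `parse_line` and the field names it returns are assumptions made for this illustration.

```python
import re

# Line copied from the "Log Sample" section of this page.
SAMPLE = ("<78>Oct 24 10:33:01 logpoint.com CRON[3539]: (root) CMD ( "
          "(cd /opt/scb/bin; /opt/scb/bin/check-disk-full.php -r 80))")

# Syslog facility and severity names, indexed by their numeric codes.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
              "alert", "clock"] + [f"local{i}" for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice",
              "info", "debug"]

# BSD-syslog layout: <PRI>Mmm dd hh:mm:ss host program[pid]: message
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<program>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<message>.*)$"
)
# Cron job lines look like "(user) CMD (command)".
CRON_RE = re.compile(r"^\((?P<user>[^)]+)\) CMD \((?P<command>.*)\)$")


def parse_line(line):
    """Return a dict of fields (illustrative names), or None if malformed."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    event = m.groupdict()
    pri = int(event.pop("pri"))
    if pri > 191:  # highest valid PRI is facility 23 * 8 + severity 7
        return None
    event["facility"] = FACILITIES[pri >> 3]  # PRI = facility * 8 + severity
    event["severity"] = SEVERITIES[pri & 7]
    event["pid"] = int(event["pid"]) if event["pid"] else None
    if event["program"] == "CRON":
        cron = CRON_RE.match(event["message"])
        if cron:
            event["cron_user"] = cron["user"]
            event["cron_command"] = cron["command"].strip()
    return event


if __name__ == "__main__":
    for key, value in parse_line(SAMPLE).items():
        print(f"{key}: {value}")
```

For the sample, PRI 78 decodes to facility `cron` and severity `info`, which agrees with the `CRON` program tag in the same line.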
Support
If you have any queries or require assistance, create a support ticket.