UEBA PreConfiguration Plugin
The UEBA Pre-Configuration Plugin bundles the necessary components to prepare your input logs for UEBA analysis. UEBA observes each user's and entity's behavior to establish a baseline for normal behavior. To set a proper baseline, UEBA requires at least 30 days of properly normalized and enriched data. The UEBA Pre-Configuration Plugin installs the enrichment sources and the enrichment policy to make it easier to prepare your data. You must install the UEBA PreConfiguration Plugin to prepare your input logs for UEBA.
Package Details
- Enrichment Sources
- UEBA_SourceAddrToHostname
- UEBA_ActiveDirectoryUsers
- UEBA_DestAddrToHostname
- UEBA_ProtocolTable
- Enrichment Policy
- UEBA_ENRICHMENT_POLICY
Key Information
You must install UEBA PreConfiguration to prepare your input logs for UEBA.
Enhancement
|
Description |
Issue ID |
|---|---|
| Upgraded the UEBA PreConfiguration plugin’s MongoDB from version 4.0.19 to 7.0 to improve performance and security. | LP-58067 |
Past Releases
UEBA PreConfiguration v5.0.0
Release Date: February 26, 2020
Documentation: UEBA Preconfiguration Guide
Supported On: Logpoint v6.7.0 to v7.4.2
Download: UEBAPreConfiguration_5.0.0.zip
SHA256:d52b75e5927c59d020653a57f8c4fbadb596f8a229fc3603f8292f8ca7d66983
Enhancement
The application has been updated to comply with Logpoint v6.7.0.
UEBA PreConfiguration v3.3.1
Release Date: December 5, 2019
Documentation: UEBA Preconfiguration Guide
Supported On: Logpoint v6.6.5 - v6.6.6
Download: UEBAPreConfiguration_3.3.1.zip
SHA256: f152908164908368d87e3a2038907e06aed6433717b97e98613c23199462efe2
Enhancement
The UEBA Pre-Configuration Plugin now adds two new enrichment sources:
- UEBA_DestAddrToHostname
- UEBA_ProtocolTable.
Support
If you have any questions or require assistance, create a support ticket.
Comments
Article is closed for comments.