Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
default.png

IncMan 

IncMan sends notifications of the triggered alert incidents to the DFLabs’ IncMan server in CEF data format. The DFLabs’ IncMan server is a security automation platform that automates, orchestrates, and measures security operations, threat management, and incident response.

 

Release Details
Version: 5.1.0
Release date: 30th October, 2024
Supported On: Logpoint v7.5.0 and later
Documentation: IncMan Guide 
SHA 256: e4b5df6d0a3dfe5dce38691962ec6dfed01afd00df5267a5c2098f4f3f4b7416
Download

Package Details

IncMan Components:

  1. Alertnotifications
    • IncManNotification
  2. K b list
    • ADMINS
    • CLOUD_APPLICATIONS
    • HOMENET
    • IRC_PORTS
    • KNOWN_DOMAINS
    • MAIL_SERVER_IP
    • MAIL_SERVERS
    • MALWARE_EMAILS
    • MALWARE_FILES
    • MALWARE_HASH
    • MALWARE_IP
    • MALWARE_URL
    • RESIGNED_EMPLOYEES
  3. Alerts
    • LP_Malware Threat Affected Host
    • LP_Malware Threat Connection from Malicious Source
    • LP_Malware Threat Connection to Malicious Destination
    • LP_Malware Threat Connection to Malicious URLs
    • LP_Malware Threat Emails Sent to Attacker
    • LP_Possible Account Misuse-Abnormal Login
    • LP_Possible Account Misuse-Multiple Logon
    • LP_Possible Account Misuse-Privilege Escalation
    • LP_Possible Botnet Connection- DNS Query
    • LP_Possible Botnet Connection-DNS Server Modified
    • LP_Possible Botnet Connection-IRC Port
    • LP_Possible Botnet Connection-Outbound DDOS
    • LP_Possible Botnet Connection-Outbound Spam
    • LP_Possible DDOS Attack
    • LP_Possible Data Breach
    • LP_Possible Data Breach-Off Hour Transfer
    • LP_Possible Inbound Spamming Detected
    • LP_Possible Insider Threat
    • LP_Possible Intrusion Detected
    • LP_Possible Malicious Communication-Inbound
    • LP_Possible Malicious Communication-Outbound
    • LP_Possible Malware Detected 
    • LP_Possible Outbound Spamming Detected
    • LP_Possible Phishing Detected
    • LP_Possible Port Scan Detected-Inbound
    • LP_Possible Port Scan Detected-Internal
    • LP_Possible Scan and Probe
    • LP_Possible Unauthorized Access
    • LP_Possible WebApp Attack 

Enhancements

Description

Issue ID

Reference ID
IncMan is now compatible with Logpoint v7.5.0.

PLUG-11610

 -

 

IncMan v5.0.0

Release Details

Fields

Details

Name

IncMan

Version

5.0.0

Supported On

LogPoint v6.7.0 or later

Release Date

2020-02-26
Document Date 2020-02-26
Download IncMan_5.0.0.zip
SHA256 ed65f537ea399539d59372c609bdb7d679f34bb0cffec46706bbcf7b545c989d

Package Details

The application package consists of the following components:

  1.  IncMan Notification v3.4.0
  2.  IncMan v3.4.0 (Knowledge Base Components)

Enhancement

The application has been updated to comply with LogPoint v6.7.0. 

Installation

Follow these steps to install the IncMan v5.0.0 application:

  1. Download the IncMan_5.0.0.zip file provided in the Download section above. 
  2. Extract the zip file to obtain the IncMan_5.0.0.pak file.  
  3. Install the application by importing the pak file to LogPoint under Settings >> System >> Applications.

For more details, please refer to the Configuration section of the IncMan Manual.

Documentation

You can download the IncMan Manual from the Download section above.

 

Support

If you have any questions or require assistance, create a support ticket.

Comments

Article is closed for comments.

Follow

Related articles

  • Universal REST API Fetcher
  • InfoBlox
  • Google Workspace/GSuite
  • Mitre Dataset Updater
  • Onapsis Security
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.