Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
default.png

Cisco Umbrella 

CiscoUmbrella enables you to fetch and analyze Cisco Umbrella logs from the Amazon S3 (Simple Storage Service) Buckets. Buckets are Amazon S3’s storage units created and accessed using the AWS (Amazon Web Services) account. CiscoUmbrella can fetch logs either from Amazon S3’s buckets or from a bucket of a third-party service using Amazon S3’s storage.

 

Release Details
Version: 6.0.1
Release date: 30th October, 2024
Supported On: Logpoint v7.5.0 and later, Director Fabric v2.6.0, Director Console v2.6.0
Documentation:
Cisco Umbrella for Logpoint
Cisco Umbrella for Director Console UI
Cisco Umbrella for Director Console API 
SHA 256: 652ae3ad9a4dfb257050987863e27e8abc57355eae68834903f8bcb84a825ab6
Download


Package Details

  1. Fetcher
    • CiscoUmbrellaLogFetcher
  2. Compiled Normalizer
    • CiscoUmbrellaCompiledNormalizer
  3. Dashboard Packages
    • LP_Cisco Umbrella Overview
    • LP_Cisco Umbrella DNS
    • LP_Cisco Umbrella Proxy
    • LP_Cisco Umbrella IP
  4. Alert Package
    • LP_CiscoUmbrella Malware Detected

Enhancements

Description

Issue ID

Reference ID
You can now configure Cisco Umbrella from Log Sources, which provides a centralized user interface for all the configurations of log collection.

Compatibility is available with Director v2.6.0, currently available as Priority Access. Contact Support for its access.

PLUG-10834

 -

Changes in the Previous Versions

Changes in CiscoUmbrella v5.2.1

Version:5.2.1
Release date: April 27, 2023
Supported On: Logpoint v6.11.1 and later
Documentation:
  • CiscoUmbrella for Logpoint
  • CiscoUmbrella for Director Console UI
  • CiscoUmbrella for Director Console API
SHA 256: 0251f6c6bf295956e63c9ca43587173c69b748e886863188c1782b5db5ccc287
Download CiscoUmbrella_5.2.1.pak

 

Enhancement

Description
Issue ID
Reference ID
CiscoUmbrella now supports Multi-Region Access Points (MRAP) of Amazon Web Services. PLUG-9714 72637
Normalization support has been added for IP and proxy logs of Log Schema Version 5 and 6. 
 KB-20571, KB-14251, KB-18806, KB-14067 73662, 60138, 66497, 70434, 58949, 59885
The device_field category has been added to the normalization.  KB-14334 -

 

Changes in CiscoUmbrella v5.2.0

Release Date: August 25, 2021

Supported On: Logpoint v6.11.1 and later

Download: CiscoUmbrella_5.2.0.pak

SHA256: 6761619257b00d234accacc0886f38d20e0c7cd12e1fbbd6f9019367fd90f1ea

Enhancements

  • The DNS and Query labels have been added in the DNS events with the event category DNS.

  • The fields record_type and record_description have been added to the existing fields query_type and query_description to maintain consistency. The record_type field stores record name with a value like A or AAAA. This change has been applied to the dashboard LP_Cisco Umbrella DNS.

Bug Fixes

The following issues have been resolved:

  • An issue in the DNS events where the domain field's value ended with a trailing dot (.).
  • A file processing delay issue.

Changes in CiscoUmbrella v5.1.0

Release Date: May 14, 2020

Supported On: Logpoint v6.7.2 and later

Download: CiscoUmbrella_5.1.0.pak

SHA256: 3487ae9cb5651b3971804d9408707bc415a7d3b59509305ffeed9f86da95e762

Enhancements

  • You can now configure the CiscoUmbrella application from Director Console UI and Director Console API.

  • You can now filter the logs based on the date before fetching them. 

Bug Fix

The following issue has been resolved:

  • An issue causing delays in the processing of logs due to the application reading all files from the Amazon S3 buckets during each scan.

Support

If you have any questions or require assistance, create a support ticket.

Comments

Article is closed for comments.

Follow

Related articles

  • CiscoAMP
  • Cisco
  • Cloud Connector
  • NXLog Enterprise
  • Nozomi
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.