Varonis
Varonis normalizes Varonis events and enables you to analyze Varonis data related to data security and insider threat detection.
Package Detail
Varonis component:
- Normalization Package
- LP_Varonis
Enhancement
Description | Issue ID | Reference ID |
---|---|---|
Added Syslog Collector based Varonis log source template, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template. | KB-22673 | - |
Past Release
Varonis v5.0.0
Supported On: Logpoint v6.6.0 and later
SHA256: 73130ab48d8aa82f918255e382d494a152ff71a28fff6e4b560e875c66b753ab
Supported Device
Varonis
Log Format
Expected Log Format
Varonis
Log Sample
May 21 10:46:58 xxx.xxx.x.xx alert Varonis-DatAlert: Varonis alert: Accès Charte was triggered at 21/05/2020 10:41:00#015#012#015#012Alert details:#xxx#xxx#xxx#xxxRule ID: x#xxx#xxxRule Name: Accès Charte#015#012Severity: x#xxx#xxxAlert Time: 21/05/2020 10:46:56#015#012#015#012Event details (last event for threshold alert):#015#012#015#012Event Time: 21/06/2017 10:41:00#015#012Acting Object: fco.local\ABC#015#012Acting Object SAM Account Name: ABC#015#012File Server/Domain: xxxxx#01x#01xPath: E:\Commun\xxxxxx inter services\XXXXX Informatique\ XXXXXX Informatique\XYZ - Copie.txt#015#012Affected Object: document texte - Copie.txt#015#012E
To export data to Logpoint, use the Syslog collector on port 514 of the Logpoint server.
Support
If you have any questions or require assistance, create a support ticket.