Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace

PointSharp

Avatar Suraj Khadka
August 23, 2024 15:25
Follow

Release Details

Fields

Details

Name

PointSharp

Version

5.1.0

Supported On

LogPoint v6.7.4 and later

Release Date

2021-02-03
Document Date 2021-02-03
Download PointSharp_5.1.0.pak
SHA256 0ec9f5d9e4e7db198e728d31b04fbcce9ed3ad38a405cdb55b09690b7ec29624

 

Important Notice

The PointSharp application adds its logs to the Windows Event logs, so you must use it with the LogPoint Agent (LPA) or the NXLog application.

Package Details

The application consists of the following components:

  1. Compiled Normalizer

    • PointSharpNormalizer

  2. Dashboard Package
    • LP_PointSharp 
  3. Search Template
    • LP_PointSharp

Enhancement

The application now includes:

  • The dashboard package LP_PointSharp, which enables the visualization of the PointSharp authentication events.
  • The search template LP_PointSharp, which provides an overview of the PointSharp authentication events.

General Description

The PointSharp application normalizes PointSharp events and enables you to analyze PointSharp data.  You can further customize the dashboard and searches to perform an in-depth analysis.  

Installation

Follow these steps to install the PointSharp v5.1.0 application:

  1. Download the PointSharp package from the Download section above.
  2. Add the required PointSharp server as a device in LogPoint.
  3. Create a collection policy with the Syslog collector and an appropriate processing policy.  
  4. Assign the policy to the device.
  5. Add the dashboards.

Supported Version

The device supported by the PointSharp with LogPoint in this configuration is:

  • PointSharp

Screenshot

Log Format

Expected Log Format

PointSharp

Log Sample

<14>Apr 29 13:00:01 logpoint.comPointSharpID: {"EventTime":"2019-04-29 13:00:01","Hostname":"logpoint.com","Keywords":"45035996273704960","EventType":"AUDIT_SUCCESS", "SeverityValue":2,"Severity": "INFO","EventID":1,"SourceName":"xxxxxxxxxxxxx","TaskValue":0,"RecordNumber":866335, "ExecutionProcessID":0,"ExecutionThreadID":0, "Channel":"PointSharpID_AuditLog","Message":"PointSharp ID - Authentication\nMethod:\tOATH\nCode:\tAccept\nUser:\xxxxxxx\n User Storage: AD\nMsg:\tOATH(WD, STATEFUL): PointSharp ID accepted user xxxxxx. Token: mobiletoken\n\nClient: xxx.xxx.xxx.xx\nSmartAuth: xx-SmartAuth [Policy:'PsidToken' == 'OTP' -> OATH] \nSession ID: 2YkM45abQT3QbLoX8LuAMprR+/8=","Opcode":"Info","EventData":"<Data>PointSharp ID - Authentication\nMethod:\tOATH\nCode:\tAccept\nUser:\xxxxx\nUser Storage: AD\nMsg:\tOATH(WD, STATEFUL): PointSharp ID accepted user xxxxxx. Token: mobiletoken\n\nClient: xxx.xxx.xxx.xx\nSmartAuth: xx-SmartAuth [Policy:'PsidToken' == 'OTP' -&gt; OATH]\n Session ID: 2YkM45abQT3QbLxxxxxxxxxx+/8=</Data>","EventReceivedTime":"2019-04-29 13:00:02","SourceModuleName":"xxxxxxxxx_xx","SourceModuleType":"xx_xxxxxxxxxxx"

To export data to LogPoint, use the Syslog collector on port 514 of the LogPoint server.

Support

If you have any queries or require assistance, please feel free to contact our support team:

Email:             servicedesk@logpoint.com

Phone:           +45 7060 6100

Best regards,

logpoint123.png

Comments

Article is closed for comments.

Related articles

  • PortWise
  • Template injection in Search Template
  • Logpoint Agent Collector
  • JSON Parser
  • Windows
Was this article helpful?
0 out of 0 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.