Logo
Sign in
  1. Logpoint Service Desk
  2. Knowledge Center
  3. Normalization & Parsing

Creation of a new normalization request

Avatar Utsav Amatya
March 29, 2022 07:29
Follow

When creating a new normalization request, please include the following information. This will accelerate the normalization package fabrication procedure:

  • Name and version of the log source
  • Logging documentation for the version of the log source(can be obtained from the device vendor)
  • Sample logs from the device(The sample logs can be anonymized before being provided on the request)

 

Notes: You can use the following query to extract the un-normalized sample logs from the UI of LogPoint

            device_ip='xx.xx.xx.xx' -norm_id=* | norm <ALL:.*> | fields ALL

Comments

  • Avatar
    dak
    March 24, 2022 10:01

    I need to be able to write my own normalizer.

    Comment actions Permalink
  • Avatar
    Utsav Amatya
    March 29, 2022 07:24

    You can write your own normalization package. The information for this can be found on the following link:
    https://docs.logpoint.com/docs/data-integration-guide/en/latest/Configuration/Signatures.html#

    Do let us know if this was helpful for you.

    Comment actions Permalink
  • Avatar
    dak
    March 29, 2022 07:29

    Thank you, very helpful :)

    Comment actions Permalink

Please sign in to leave a comment.

Related articles

  • Universal Normalizer
  • Support Overview
  • Cloning a virtual Logpoint installation to a physical machine to solve unsupported hardware issue
  • Universal REST API Fetcher
  • LDAP Enrichment Source
Was this article helpful?
0 out of 2 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.