Logpoint Agent (Centralized)
Logpoint Agent (Centralized), previously named Logpoint Agent Collector, is a policy-driven log collection agent managed directly from the Logpoint SIEM. All lifecycle operations, including configuration, policy updates, and rollouts, are handled centrally, ensuring uniform behavior across all deployed agents. Its core capabilities include centralized configuration, consistent policy enforcement, and streamlined administration through the SIEM interface. It is best suited for environments that prefer predictable configurations, simplified management, and do not require high-throughput or load-balanced event handling.
Logpoint Agent (Centralized) includes two product components: the Logpoint Agent .msi file and the Logpoint Agent Collector .pak file. Install the .msi file in Windows and the .pak file in Logpoint.
Package Details
- Collectors
- Logpoint Agent Collector Powered by NxLog
- LPACollectorServiceMonitor
- Normalization Package
- LP_Integrity Scanner
- Window Installer
- Logpoint Agent for Windows
Bug Fixes
| Description | Issue ID |
| If a log collection policy using Logpoint Agent Collector was removed and re-added on a device, the Agent page displayed duplicate entries for that device. | EDR-3239 |
| Logpoint Agent Collector has been upgraded to OpenSSL 3 to improve security and compatibility. | EDR-2728 |
Past Releases
Logpoint Agent Collector v6.1.3
Key Information
After upgrading to LPA v6.1.2, configurations with many agents may experience log delays due to a change in the log-processing library.
Bug Fix
| Description | Issue ID | Reference ID |
| After upgrading to Logpoint v7.5.0, Logpoint Agent Collector cannot update agent configurations or add new agents due to a SSL Handshake failure between the manager and the agents. | EDR-2834 |
#87114 , #87163, #87286, #87763, #87837, #88399, #88506, #88856 |
Logpoint Agent Collector v6.1.2
Key Information
After upgrading to LPA v6.1.2, configurations with many agents may experience log delays due to a change in the log-processing library.
Bug Fix
| Description | Issue ID | Reference ID |
| After upgrading to Logpoint v7.5.0, Logpoint Agent Collector cannot update agent configurations or add new agents due to a SSL Handshake failure between the manager and the agents. | EDR-2834 |
#87114 , #87163, #87286, #87763, #87837, #88399, #88506, #88856 |
Logpoint Agent Collector v6.1.1
Upgrade Scenarios
- When upgrading LPA from v6.0.1/v6.0.2 to v6.1.1, upgrade the .pak file only.
- When upgrading LPA from v5.2.5/v5.2.6 to v6.1.1, upgrade both .msi and .pak files.
Key Information
You can use Backup and Restore to create backups of configurations of the Logpoint Agent Collector and restore them later. However, if you provide new configurations or generate new certificates after using them, the Logpoint Agent for Windows will still have the old certificates. This can lead to a communication breakdown between the Logpoint Agent for Windows and the Logpoint Agent Collector. To resolve this, download the certificates and manually copy them to the Logpoint Agent for Windows.
Alternatively, follow these communication breakdown recovery steps:
- Ensure the Logpoint for Windows agent is in TCP mode. If in TLS mode, re-install the agent.
- Delete the corresponding Windows device in Logpoint.
- Add a new device for the agent in Logpoint.
Bug Fixes
The following issues are fixed:
| Description | Issue ID | Reference ID |
| Logpoint Agent Collector v5.2.4 and later continued collecting logs despite exceeding its memory limit. As a result, the system's OOM killer terminated the collector to free up memory, halting log collection. | PLUG-11063 | 77886, 79542, 79615, 79950, 80364, 80667, 81074, 81198, 81234, 81860, 81962, 81968 |
| If either Logpoint or Logpoint Agent Collector was upgraded or rebooted when the memory usage of Logpoint was high, the collector failed to collect logs. | PLUG-7934 | 56518, 56842, 72130, 74103, 74826, 76568, 77500, 77886, 78043, 78376, 79436, 79542, 79615, 81327, 81340 |
| Logpoint Agent Collector stopped collecting logs because of a general protection fault. This is an error that occurs in an operating system when a program tries to access a memory that is being consumed by other processes. | PLUG-10404 | 75238, 76744, 76958, 79608 |
| In case of a connection failure between Logpoint and Logpoint Agent Collector, log collection would cease as new connections couldn't be established. | PLUG-10718 | 73087, 77383, 78254, 78633, 79194, 79608, 80250 |
| Due to network congestion and high load on Logpoint Agent, SSL timeouts occurred while delivering certificates from Logpoint to Logpoint Agent. This prevented encrypted communication between the Logpoint Agent and the Logpoint Agent Collector and halted log collection. | PLUG-9677 | 72038, 72435, 72443, 80253 |
| When upgrading the LPA Collector on Logpoint with an Out-Of-Memory (OOM) issue, the UI incorrectly shows that the upgrade was successful, even though it wasn't. | PLUG-11776 | |
| After upgrading the Logpoint Agent (LPA) Collector on a system with an Out-Of-Memory (OOM) issue, the system should have terminated the old processes and released memory, but it didn't. | PLUG-11788 |
Logpoint Agent Collector v6.0.2
Release Date: October 04, 2023
Release Version: v6.0.2
Supported On: Logpoint v7.3.0, v7.3.1, v7.4.0, and v7.4.2
Download: Logpoint_Agent_Collector_6.0.2.zip
SHA256:bb53e67147ef00c9990ef48c2060ce1ee57d7df177b21b715de8f7a3e8b56aad
Documentation: Logpoint Agent Collector Guide
Enhancement
|
Description |
Issue ID |
Reference ID |
|---|---|---|
| Logpoint Agent Collector is now compatible with Logpoint v7.3.0. | PLUG-10726 |
Support
If you have any questions or require assistance, create a support ticket.
Comments
Article is closed for comments.