Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
default.png

Universal Normalizer

Universal Normalizer enables you to normalize structured logs, extract their fields and rename those fields to comply with Logpoint taxonomy and add labels. It provides a generic interface to create, install and update a custom compiled normalizer for JSON, CEF, LEEF, CSV, XML and Key-Value pair log types. 

 

 

 

Release Details
Version: 5.8.0
Release date: March 25, 2025
Supported On: Logpoint v7.2.1 and later
Documentation: Universal Normalizer guide
SHA 256: e1a1e596046dc0deea577105364b8f05047e769197c336b755e90ae50e78fc4b
Download

 

 

 

 

 

 

 

 

 

Bug Fix

Description

 Issue ID Reference ID

Universal Normalizer incorrectly assigned the IP taxanomy field as a String, causing queries like source_address in HOMENET to fail.

 

PLUG-13121

 

 85481, 87803

 

Past Releases

Universal Normalizer v5.7.0

Version: 5.7.0
Release date: October 22, 2024
Supported On: Logpoint v7.2.1 and later
Documentation: Universal Normalizer guide
SHA 256: 6e512b9b15a22c38233bb8fd9a0addd53632f225877a760ac397326466db17b0

Download

Key Information

Once you update Universal Normalizer to 5.7.0, you need to go to Settings > Configuration > Universal Normalizer and update your normalizers. 

Enhancement

Description

 Issue ID Reference ID

The regex used as a Log identifier is now fully sanitized, preventing any possibility of Remote Code Execution.

 PLUG-13122 -

 

Universal Normalizer v5.6.0

Release Date: March 22, 2024

Supported On: Logpoint v7.2.1 and later

Download: UniversalNormalizer_5.6.0.pak

SHA256: 6e512b9b15a22c38233bb8fd9a0addd53632f225877a760ac397326466db17b0

Enhancement

Description

 Issue ID Reference ID

Updated Universal Normalizer to make the created custom-compiled normalizers compatible with the latest version of CNDP. 

 KB-24481 -

 

Universal Normalizer v5.5.0

Release Date: February 12, 2024

Supported On: Logpoint v7.2.1 and later

Download: UniversalNormalizer_5.5.0.pak

SHA256: cb983a68a9eb1bfd38925e6179a2a577a7f6ffd1d64f9bcab6716482a08c6272

Enhancement

Description
Issue ID
Reference ID

The suffix Universal appears in the name of a custom application created using a vendor package. The suffix is not reflected in the Universal Normalizer user interface but can be seen under Settings >> System >> Applications. To learn more, go to Importing a Vendor Package. 

 KB-23926 -

 

Universal Normalizer v5.4.0

Release Date: January 25, 2024

Supported On: Logpoint v7.2.1 and later

Download: UniversalNormalizer_5.4.0.pak

SHA256: 5c68680b64c054013ecec2c1e67c2bc27bf8ef5c1a9383e5c1bc4662273ed71f

Enhancement

Description
Issue ID
Reference ID
You can now extract the header of JSON, CEF, LEEF, CSV, XML and Key-Value Pair logs. To learn how, go to Parse Field Further KB-23657 -

Bug Fixes

The following issues are fixed:

Description
Issue ID
Reference ID
Installation of Universal Normalizer v5.2.0 or v5.3.0 disabled the installation and uninstallation of AgentX Server v1.2.0. KB-23508 78894, 79075, 78531

A field containing the value in date_time format, for example, "atime": "2023-09-01_15:49:30.864+0200", was not correctly normalized by the custom compiled normalizers generated by Universal Normalizer. 

 KB-23700 -

Universal Normalizer v5.3.0

Release Date: November 06, 2023

Supported On: Logpoint v7.2.1 and later

Download: UniversalNormalizer_5.3.0.pak

SHA256: c8d01271590416c8cddf33a9b237f0b91ec19fc716aaf9afbf681df464da4f21

Key Information

  • After installing Universal Normalizer, you can find it under Settings >> Configurations.
  • The created custom-compiled normalizers are compatible with CNDP. 

Enhancements

Description
Issue ID
Reference ID

You can now enter a sample log to test the configuration's correctness. 

KB-18069

 -

The Exclude Fields only supports field name(s) with any combination of lowercase letters, numbers, and underscore (_).

 KB-22390 -
You can now select a parsing depth to which JSON logs can be parsed further. KB-21829 -

Universal Normalizer v5.2.0

Release Date: June 19, 2023

Supported On: Logpoint v7.2.1 and later

Download: UniversalNormalizer_5.2.0.pak

SHA256: 26b53a1ffba0ada36a0742edd3452dea4a22dc3078ff40abf5b9eca704f7270b

Enhancements

Description
Issue ID
Reference ID

You can now export the config file of a custom-compiled normalizer and re-upload it to create a new custom-compiled

normalizer. Go to Export a Config File to learn more about it. 

KB-20851

 -

You can now exclude certain fields from normalized logs. Mandatory fields sig_id, norm_id, device_category and label cannot be excluded. 

 KB- 20378 -
You can now upload vendor packages to install a custom complied normalizer without the need to fill in the configuration form. Go to Import a Vendor Package to learn more about it.  KB- 20124 -

Bug Fix

Description
Issue ID
Reference ID
Universal Normalizer could not apply the taxonomy as per the taxonomies defined in the Taxonomy fields. KB-20295 -

Universal Normalizer v5.1.0

Release Date: January 31, 2023

Supported On: Logpoint v7.1.1 or later

Download: UniversalNormalizer_5.1.0.pak

SHA256: 3035464cdd6d3d457170a4ea49c19cf78dad4d74565c8e9853e8f6a43c9a1045

Enhancements

Description
Issue ID
Reference ID
Updated Universal Normalizer to support the normalization of key-value pair logs with and without a space after delimiter. KB-19722 -

The character length limit for the Log Identifier Regex form field is increased from 100 to 300 to handle the long and complex regex.

 KB-19743 -

Support

If you have any questions or require assistance, create a support ticket here. 

 

Comments

Article is closed for comments.

Follow

Related articles

  • JSONNormalizer
  • Universal REST API Fetcher
  • Microsoft Graph
  • NXLog Enterprise
  • GoogleCloudPlatform
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.