Help Center Logpoint Docs Idea Portal Logpoint.com

- - Knowledge base
Groups
Events

Community
UEBA - User and Entity Behaviour Analytics
Data-sources

Data-sources

Stay up to date with the latest & greatest

4 Topics
5 Replies

When you subscribe we will email you when there is a new topic in this category

4 Topics

Most replies

Most views

Newest first

Anonymous

posted in Data-sources

Public release of GoogleCloudPlatform v.6.0.0.

Hi All,We are excited to share the release of GoogleCloudPlatform v.6.0.0.Google Cloud Platform (GCP) is a suite of cloud computing services that provides infrastructure as a service, platform as a service and serverless computing environments. Alongside a set of management tools, it offers a series of modular cloud services including computing, data storage, data analytics and big data processing. To read more on this release, please follow the link below: https://servicedesk.logpoint.com/hc/en-us/articles/8956510332061

170

1 year ago

JohannNew Participant

asked in Data-sources

Cisco Ironport eMail Security Appliance integration with UEAB. Why did it not work?

Hi,I´m struggeling with the integration of the Cisco Ironport eMail Security Appliance as UEBA source.The LogPoint documenation - Data Sources For UEBA — UEBA Guide latest documentation (logpoint.com) - indicates the ESA is supported.The corresponding UEBA matching query is - device_category=Email* sAMAccountName=* receiver=* datasize=* | fields,log_ts,sender,receiver,userPrincipalName,sAMAccountName,datasize,subject,status,file,file_countThe ESA never sends a combination of receiver and datasize. The ESA only logs a combination auf sender and datazize. The ESA´s sender & receiver logs are linked only via the MID “message_identifier”Has anyone seen or did this integration with Cisco´s ESA and UEBA? Is it running in the correct way? Thanks.BRJohann

4273

2 years ago

Nils KrumeyLogPoint Team

asked in Data-sources

What models are there for the "Active Directory Authentication" in UEBA?

Does anyone have some examples of the models that are used for the “Active Directory Authentication” data source? For example, does this depend on certain Event IDs being present in the logs, and if so how do they map to the models?

831

3 years ago

Prabesh BhattaLogPoint Team

asked in Data-sources

What are currently supported data sources for UEBA ?

One of our customers was asking if it's possible to add VPN logs as a data source for UEBA.

521

3 years ago

Badge winners

Gustav Elkjær Rødsgaardhas earned the badge Valued Contributor
Gustav Elkjær Rødsgaardhas earned the badge Easy talker
Gustav Elkjær Rødsgaardhas earned the badge Conversation starter
Gustav Elkjær Rødsgaardhas earned the badge Innovator
markus.nebel@8com.dehas earned the badge Silver Contributor

Show all badges

Terms & Conditions Cookie settings

Sign up

Already have an account? Login

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

Login to the community

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.

Enter your e-mail address

Back to overview

Scanning file for viruses.

Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.

This file cannot be downloaded

Sorry, our virus scanner detected that this file isn't safe to download.