Hi Hans,

If you have enabled support connection then the Logpoint Server communicates with customer.logpoint.com

These should be their IPs:

Name: customer.logpoint.com

Address: 172.67.190.81:443

Name: customer.logpoint.com

Address: 104.21.76.59:443

 It also communicates with reverse.logpoint.com

Name: reverse.logpoint.com

Address: 89.188.79.98:1193

The IPs that you provided: 104.16.37.47 and 104.16.38.47; don’t seem to be under our domain. Maybe this is something you have used like, fetchers, TI or similar API integrations in your environment. 

Hi Hans,

If you need further help, you are always welcome to open a support ticket with LogPoint Support. :)

Hi Hans,

Both the IP address suggests (current status whitelisted), the external connections are attempted to maxmind which provide the geolocation information. The reason for this attempt originates from one of our process plugin named geoip whose input is IP address and the Output is geographic location.

With every LogPoint that we ship, geoip is bundled as a plugin with baseline information maintained in mmdb (maxmind database). On every Thursday, the geoip codebase attempts to connect to maxmind server through HTTPS (TCP/443) to update the database.

For further assurance, can you please check whether

1. Outbound connection attempt to maxmind ip addresses happens on other days as well
2. Additional connection attempt other than those mentioned ip address

Thanks,
Basudev Raut

Hi Basudev,

so it would be nice to find these informatíon - regarding the geoip update -under Connections required by LogPoint — Install and Upgrade LogPoint latest documentation.  

Name:    www.maxwind.com
Addresses:  3.99.113.10
                    3.97.24.88

Are these IP Addresses correct.

BR

Johann

@Basudev Raut? :)

Hi Hans,

Thank you for the suggestion. I will relay this to our documentation team. Regarding the IPs you mentioned, I have asked with relevant team, will get back to you soon.

Best Regards,
Basudev