LOGbinder SP

Version: LOGbinder SP version 2 and later.

LOGbinder SP translates cryptic SharePoint audit data into easy-to-understand messages and sends them to your Netsurion. LOGbinder SP does not require an agent to be installed on your SharePoint servers, nor does it make intrusive changes to your SharePoint environment. It simply bridge the gap by bringing application security intelligence on SharePoint to your security operations center. LOGbinder SP is a small, efficient Windows service that runs on any Windows server that is a member of your SharePoint farm. This can be an existing SharePoint server or a dedicated server – even a VM. It just needs to be a member of the farm so that LOGbinder can interface with the SharePoint API.

Netsurion's Open XDR platform seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. Netsurion delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.

Netsurion Data Source Integration for LOGbinder SP allows you to monitor following:-

  • Monitoring uptime status of SharePoint Server
  • Monitoring Disk and Memory Problem on SharePoint Server
  • Monitoring Microsoft Office SharePoint Server services
  • Monitoring Microsoft Office SharePoint Server
  • Monitoring SharePoint Audit Trail Integrity
  • Monitoring any Information Management Policy Changes
  • Monitoring Item updates done in SharePoint Site Collection
  • Monitoring Generic Object Changes done in SharePoint Site Collection

Once logs are received in to Netsurion, alerts and reports can be configured into Netsurion. 

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security LOGbinder - Setting changed This alert is generated when any setting is changed.
Security LOGbinder - Possible audit trail tampering This alert is generated when LOGbinder detects an audit trail tampering.
Security LOGbinder - SharePoint audit logs deleted This alert is generated when SharePoint audit logs are deleted.
Security LOGbinder - SharePoint audit policy change This alert is generated when SharePoint audit policy change occurs.
Security LOGbinder - SharePoint site collection administrator added This alert is generated when SharePoint site collection administrator added.
Security LOGbinder - SharePoint site collection administrator removed This alert is generated when SharePoint site collection administrator removed.

Reports

Type Name Description
Security LOGbinder - Error This category based report provides information related to error events logged by LOGbinder SP application.
Security LOGbinder - Setting changed This category based report provides information about when any configuration setting changes done to LOGbinder SP.
Security LOGbinder - Warning This category based report provides information about warning events logged by LOGbinder SP application.
Security LOGbinder - Noise events This category based report provides information related to SharePoint "noise" events.
Security LOGbinder - SharePoint access control change This category based report provides information related to any access control changes made in SharePoint site.
Security LOGbinder - SharePoint audit log deleted This category based report provides information about deleted SharePoint audit logs.
Security LOGbinder - SharePoint audit policy changed This category based report provides information about any changes made to SharePoint audit policy changed.
Security LOGbinder - SharePoint container object update This category based report provides information related to container object updates in SharePoint site.
Security LOGbinder - SharePoint document update This category based report provides information related to any document checked in, checked out, Updated and deleted in SharePoint site.
Security LOGbinder - SharePoint Import-Export This category based report provides information related to object export and import activities in SharePoint.
Security LOGbinder - SharePoint Information management policy changes This category based report provides information related to any changes done in SharePoint Information management policy.

Documentation

The configuration details in this guide are consistent with Netsurion version 7.X and later, and LOGbinder SP version 2 and later.

Download Integration Guide for more information.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept