Open LDAP
Version: Open LDAP 2.4 or later and rsyslog 5.
LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services. A directory is similar to a database, but tends to contain more descriptive, attribute-based information. The information in a directory is generally read much more often than it is written.
Netsurion Open XDR is capable of receiving syslog from LDAP server. Through knowledge base solutions (category, alerts, and reports) Netsurion Open XDR helps you to monitor, alert and generate reports for any LDAP object changes.
The Logging overlay can be used to record all changes on a given backend database and send to Netsurion Open XDR as syslog.
After the LDAP monitoring is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | LDAP – Object deleted | This alert is generated when any object is deleted from LDAP |
Reports
| Type | Name | Description |
|---|---|---|
| Security | LDAP – Directory object added | This category based report provides information related to objects added to LDAP. |
| Security | LDAP – Directory object deleted | This category based report provides information related to deleted objects from LDAP. |
| Security | LDAP – Directory object modified | This category based report provides information related to modified objects in LDAP. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.x or later, and Open LDAP 2.4 or later and rsyslog 5.
Download Integration Guide for configuration instructions and more information.