Applies To: LOGbinder SP version 2 and later.
LOGbinder SP translates cryptic SharePoint audit data into easy-to-understand messages and sends them to your EventTracker. LOGbinder SP does not require an agent to be installed on your SharePoint servers, nor does it make intrusive changes to your SharePoint environment. It simply bridge the gap by bringing application security intelligence on SharePoint to your security operations center. LOGbinder SP is a small, efficient Windows service that runs on any Windows server that is a member of your SharePoint farm. This can be an existing SharePoint server or a dedicated server – even a VM. It just needs to be a member of the farm so that LOGbinder can interface with the SharePoint API.
EventTracker is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. EventTracker delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.
EventTracker Knowledge Pack for LOGbinderSQL allows you to monitor following:-
Once logs are received in to EventTracker, Alerts and reports can be configured into EventTracker.
Some of the Knowledge Packs available in EventTracker are listed below. For more information please refer Integration Guide.
Categories and Reports:-
The configuration details in this guide are consistent with EventTracker version 7.X and later, and LOGbinder SP version 2 and later.
For more information please refer to the Integration guide