Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

IN THIS PAGE

LOGbinder SP Event Collection from Microsoft SharePoint

 

The JSA DSM for Microsoft SharePoint can collect LOGbinder SP events.

The following table identifies the specifications for the Microsoft SharePoint DSM when the log source is configured to collect LOGbinder SP events:

Table 1: LOGbinder for Microsoft SharePoint Specifications

Specification

Value

Manufacturer

Microsoft

DSM name

Microsoft SharePoint

RPM file name

DSM-MicrosoftSharePoint-JSA_version-build_number.noarch.rpm

Supported versions

LOGbinder SP V4.0

Protocol type

Syslog

LEEF

JSA recorded event types

All events

Automatically discovered?

Yes

Included identity?

No

More information

http://office.microsoft.com/en-sg/sharepoint/ (http://office.microsoft.com/en-sg/sharepoint/)

http://www.logbinder.com/products/logbindersp/ (http://www.logbinder.com/products/logbindersp/)

The Microsoft SharePoint DSM can collect other types of events. For more information about other Microsoft SharePoint event formats, see the Microsoft SharePoint topic in the Juniper Secure Analytics Configuring DSMs.

To collect LOGbinder events from Microsoft SharePoint, use the following steps:

  1. If automatic updates are not enabled, download the most recent version of the following RPMs:

    • DSMCommon RPM

    • Microsoft SharePoint DSM RPM

  2. Configure your LOGbinder SP system to send Microsoft SharePoint event logs to JSA.

  3. If the log source is not automatically created, add a Microsoft SharePoint DSM log source on the JSA Console. The following table describes the parameters that require specific values that are required for LOGbinder event collection:

    Table 2: Microsoft SharePoint Log Source Parameters for LOGbinder Event Collection

    Parameter

    Value

    Log Source type

    Microsoft SharePoint

    Protocol Configuration

    Syslog

Configuring Your LOGbinder SP System to Send Microsoft SharePoint Event Logs to JSA

To collect Microsoft SharePoint LOGbinder events, you must configure your LOGbinder SP system to send events to JSA.

  1. Open the LOGbinder SP Control Panel.
  2. Double-click Output in the Configure pane.
  3. Choose one of the following options:

    • Configure for Syslog-Generic output:

      1. In the Outputs pane, double-click Syslog-Generic.

      2. Select the Send output to Syslog-Generic check box, and then enter the IP address and port of your JSA Console or Event Collector.

    • Configure for Syslog-LEEF output:

      1. In the Outputs pane, double-click Syslog-LEEF.

      2. Select the Send output to Syslog-LEEF check box, and then enter the IP address and port of your JSA Console or Event Collector.

  4. Click OK.
  5. To restart the LOGbinder service, click the Restart icon.

Related Documentation