Skip to main content

LogPoint SIEM Integration

Download With Dependencies

Use this Content Pack to fetch incident logs from LogPoint, analyze them for underlying threats, and respond to these threats in real-time.

LogPoint is a security information and event management (SIEM) solution that detects, analyzes, and responds to threats within your data for faster security investigations. LogPoint provides a complete view of the threat landscape by automatically identifying and sending alerts about any critical incidents or abnormalities in your system.

The LogPoint SIEM integration combines security monitoring and incident response to help security staff respond to and resolve incidents fast.

Capabilities of the LogPoint SIEM content pack

The playbooks in the pack are based on LogPoint SIEM data and help automate repetitive tasks associated with LogPoint SIEM incidents:

  • Syncs and updates LogPoint SIEM incidents.
  • Helps analysts focus on important alerts with built-in incident prioritization.
  • Reduce mean time to respond with incident mapping.
  • Contains a sample playbook to guide users on creating unique playbooks.
  • Full incident control with the ability to update, resolve, and close incidents.
  • Automates coordinated actions and responses to save time on incident resolution.
  • Provides search commands to get logs from LogPoint devices and repos.

LogPoint is a security information and event management (SIEM) solution that detects, analyzes, and responds to threats within your data for faster security investigations. LogPoint provides a complete view of the threat landscape by automatically identifying and sending alerts about any critical incidents or abnormalities in your system.

The LogPoint SIEM integration combines security monitoring and incident response to help security staff respond to and resolve incidents fast.

Capabilities of the LogPoint SIEM content pack

The playbooks in the pack are based on LogPoint SIEM data and help automate repetitive tasks associated with LogPoint SIEM incidents:

  • Syncs and updates LogPoint SIEM incidents.
  • Helps analysts focus on important alerts with built-in incident prioritization.
  • Reduce mean time to respond with incident mapping.
  • Contains a sample playbook to guide users on creating unique playbooks.
  • Full incident control with the ability to update, resolve, and close incidents.
  • Automates coordinated actions and responses to save time on incident resolution.
  • Provides search commands to get logs from LogPoint devices and repos.

PUBLISHER

LogPoint

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedJanuary 27, 2021
Last ReleaseJuly 25, 2023
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.