Integration with LogRhythm

February 27, 2024

ID 183778

This chapter describes how to integrate Kaspersky CyberTrace with LogRhythm.

The actions described in these sections must be performed in LogRhythm Console under a user account that has administrator privileges.

To integrate LogRhythm with Kaspersky CyberTrace:

  1. Add the Kaspersky CyberTrace log source type to LogRhythm.
  2. Import files with Kaspersky CyberTrace rules.
  3. Optionally, add Kaspersky CyberTrace events to LogRhythm.
  4. Optionally, add Kaspersky CyberTrace rules to LogRhythm.
  5. Add a Kaspersky CyberTrace policy to LogRhythm.
  6. Accept the Kaspersky CyberTrace log source in LogRhythm.
  7. Configure LogRhythm to forward logs to Kaspersky CyberTrace.
  8. Perform the verification test.
  9. Optionally, create alerts about incoming Kaspersky CyberTrace service events.
  10. Optionally, configure LogRhythm to display alert events.
