Upgrading Kaspersky CyberTrace integration (LogRhythm)

April 11, 2024

ID 204301

This section describes how to finish the integration of Kaspersky CyberTrace with LogRhythm after upgrading Kaspersky CyberTrace.

Finishing the integration of Kaspersky CyberTrace with LogRhythm consists of the following steps:

  • Adding new events to LogRhythm
  • Removing obsolete events from LogRhythm

Adding new events

To add new events to LogRhythm:

Add the required categories and alert events automatically or manually (as described in sections "Step 3 (optional). Adding Kaspersky CyberTrace events" and "Step 4 (optional). Adding Kaspersky CyberTrace rules").

Removing obsolete events

To remove obsolete events from LogRhythm:

  1. Run LogRhythm Console.
  2. Select Deployment Manager > Tools > Knowledge > MPE Rule Builder.

    The Rule Builder form opens.

  3. Click the Open rule library button.
  4. For each obsolete event, perform the following:
    1. Double-click the rule you want to retire.

      A preview window for the rule opens.

    2. Click the Retire rule button (white cross on a red background).
    3. In the Verify Retire window, click Yes.

    Verify Retire window
