Integration with LogRhythm

This chapter describes how to integrate Kaspersky CyberTrace with LogRhythm.

The actions described in these sections must be performed in LogRhythm Console under a user account that has administrator privileges.

To integrate LogRhythm with Kaspersky CyberTrace:

  1. Add the Kaspersky CyberTrace log source type to LogRhythm.
  2. Import files with Kaspersky CyberTrace rules.
  3. Optionally, add Kaspersky CyberTrace events to LogRhythm.
  4. Optionally, add Kaspersky CyberTrace rules to LogRhythm.
  5. Add a Kaspersky CyberTrace policy to LogRhythm.
  6. Accept the Kaspersky CyberTrace log source in LogRhythm.
  7. Configure LogRhythm to forward logs to Kaspersky CyberTrace.
  8. Perform the verification test.
  9. Optionally, create alerts about incoming Kaspersky CyberTrace service events.
  10. Optionally, configure LogRhythm to display alert events.