Support

Support for business applications

Kaspersky CyberTrace

Installation and integration guides

Part 2: Integrating Kaspersky CyberTrace with an event source

Integration with LogRhythm

Step 5. Adding Kaspersky CyberTrace policy
Kaspersky CyberTrace
Нет результатов
Online Help
FAQ System requirements Download Contact support Recovery tools Product videos

Step 5. Adding Kaspersky CyberTrace policy

April 11, 2024

ID 183787

This section describes how you can add a Kaspersky CyberTrace policy to LogRhythm.

To add a Kaspersky CyberTrace policy to LogRhythm:

  1. Run LogRhythm Console.
  2. Select Deployment Manager > Log Processing Policies.
  3. Click the New button (Create a new rule (plus) icon in LogRhythm.).

    The Log Source Type Selector window opens.

    Log Source Type Selector window in LogRhythm.

    Log Source Type Selector window

  4. In the Log Source Type list, select Kaspersky CyberTrace.
  5. Click OK.
  6. In the MPE Policy Editor window that opens, in the Name field, type the policy name (CyberTrace Policy).

    MPE Policy Editor window in LogRhythm.

    MPE Policy Editor window

  7. On the Rules tab, edit the properties of the Kaspersky CyberTrace events:
    1. Select all the check boxes for every event.
    2. Right-click in the table and select Properties.

    The MPE Policy Rule Editor window opens.

    MPE Policy Rule Editor window in LogRhythm.

    MPE Policy Rule Editor window

  8. In the MPE Policy Rule Editor window, select the Enabled check box but make no changes to the other check boxes.
  9. Click OK.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.