We’ve updated our LogRhythm SIEM Documentation. You can now select documentation associated with a specific version (starting with 7.12.0). Click on the version picker in the upper-right corner on the SIEM and Installations and Upgrades landing pages.

Analyst Experience

SecondLook in Web Console

Customers want to retain their data, and they need an easy way to find their older data. With LogRhythm 7.13, customers who use our self-hosted SIEM option now have access to SecondLook. After installing and configuring SecondLook, customers can query data and search through archives directly from the Web Console. Without having to pivot between the Web Console and Client Console, customers save valuable time. Using SecondLook also means searches are passed off to a dedicated service for a more reliable user experience.

For installation and configuration details, see Install SecondLook API.

With new features, come new REST API endpoints! LogRhythm 7.13 further extends the automation capabilities of the Admin API so that you can programmatically:

Configure, update, and retrieve System Monitor DP Pooling settings.
Configure, update, and retrieve System Monitor Load Balanced Group settings.
Configure, update, and retrieve log source Watch File Rename on Rollover settings.

For more details on all the available endpoints, see our REST API Documentation. New to the API and wondering how to get started? Learn more on the Community!

Data Collection

Data Processor Pooling

Data Processor pooling makes it easy for administrators to distribute log volume across a pool of Data Processors and create well-balanced Data Indexer clusters. With DP pooling, administrators can quickly define DP pools and assign Agents to them. Agents then auto-distribute their logs across the DP pool. Administrators can also turn off DP pooling by switching an Agent to pinned mode.

System Monitor Agents are the workhorses that collect and ship data to Data Processors. But there was not a good way to load balance these System Monitor Agents across multiple Data Processors - until now. With version 7.13, LogRhythm introduces Data Processor Pooling, a new feature that lets administrators define a pool of one or more Data Processors to allow a single Agent to collectively send its data to a group of Data Processors. When an Agent is assigned a DP pool, the Agent will spread the logs across the Data Processors. This removes the need to manually review Agent volumes and adjust which Data Processors the Agents are sending to, saving you time.

Assigning a System Monitor to a pool.

The 7.13 System Monitor is now embedded with a native JSON parsing engine. This significantly improves processing performance and removes the need to work with JQ query language. With the new architecture, Beats can be rerouted from the Open Collector parsing engine to the new parsing engine on the System Monitor. This simplifies sizing, deployment, and troubleshooting of the platform. For more information, see Configure Beats for JSON Parsing.

Enabling JSON parsing on a System Monitor Agent.

View System Monitor Agents in the Web Console

In the Web Console, global and restricted administrators now have an Agents option in the Administration menu. On the Agents page, administrators can quickly check the status and health of System Monitors right in the Web Console. They can easily see a System Monitor's status and the timestamp of the last heartbeat received. The Agents Grid shows a dynamic display of agents based on the access granted to the user. Restricted administrators can only view the effective System Monitors defined in their user profile. The Agents Grid helps administrators immediately identify problematic Agents with Last Heartbeat highlighting. In environments that contain thousands of Agents, admins can filter down to view just the Agents that matter. Filters include:

Applying a filter on the Agents Grid.

Over time, operating systems become outdated, making past versions unsupported. With the release of 7.13, LogRhythm is supporting and installing Microsoft Server 2022, Microsoft SQL Server 2019, and Rocky Linux. For customers that prefer the open-source version of Linux, Data Indexers and Open Collector support Rocky Linux 9 and RHEL 9. For customers with RHEL licenses, LogRhythm SIEM supports RHEL 9. For information, see the Component Operating System Support section in Review the Requirements for a New LogRhythm Deployment. We’ve also added additional support for System Monitor, which includes Windows 2022, Windows 11, Rocky Linux 9, and RHEL 9. For information, see LogRhythm System Monitor Compatibility and Functionality.