LogRhythm Compliance Packages
LogRhythm's comprehensive compliance packages include:
- Pre-built Reports that summarize log and event data and audit data, such as who accessed the LogRhythm system, what logs were reviewed and when, and what actions were taken in response to events that are specifically called out in the compliance regulation. Each report also specifies which compliance requirement calls for the reporting of that information.
- Pre-built Alarms that automatically notify the appropriate personnel when an event occurs that maps to a specific compliance requirement that mandates alerting. For example, PCI 5.2 states “Ensure that all anti-virus mechanisms are current, actively running and capable of generating audit logs.” For this requirement, our pre-built alarm would be configured to send a notification whenever malware is detected. Note: a record that an alarm was sent is captured and reported to provide evidence of compliance.
- Pre-built Investigations that create interactive reports based on criteria defined by a compliance requirement. For example, PCI 1.2.1 states “Restrict inbound and outbound traffic to that which is necessary for the cardholder data environment.” For this requirement, our pre-built investigations would generate an interactive report showing verification that inbound and outbound traffic is properly controlled (limited and/or denied) for the cardholder data environment. The investigation would provide verification of proper controls and reveal the presence of improper network activities.
Real-time Monitoring
LogRhythm’s Personal Dashboard provides a fully customized view of events in real time. Using the Personal Dashboard, users can quickly and efficiently monitor for suspicious activity impacting servers, applications and devices.
Audit Automation
LogRhythm automatically identifies important audit events in real time, reports them and alerts on events that warrant immediate action. LogRhythm can automatically identify numerous types of audit activity including:
- Changes to a system configuration
- Repeated authentication failures from the same login
- Repeated access control violations from the same login
- Repeated access control violations from the same host
- Account management activity
- Critical file changes & deletions
Auditors can be automatically notified of specific audit activity and use LogRhythm analysis tools to assist and speed up the review process.
Independent Audit Log Access
LogRhythm automates and reduces the cost of acquiring audit data. Audit logs are collected immediately, without requiring the assistance of administrators. This saves time while preserving segregation of duties. With LogRhythm, auditors have independent and centralized access to log data. Log data is automatically prepared for analysis and reporting. Auditors can use LogRhythm analysis tools or develop their own.
Terminated Account Monitoring
A challenge many companies face is disabling a user account after the user has left the company. An employee may have multiple accounts across different systems and applications. LogRhythm allows you to easily monitor any activity originating from what should be a terminated user account.