Cut Log Source Onboarding Time by 50% with LogRhythm SIEM

Today it seems like more organizations are asking security teams to do more with less. Less staff and fewer tools mean you need effective, well-tuned tools that return results with minimal effort. At LogRhythm, our goal is to make your job easier — especially if you are an administrator or analyst. Cybersecurity is difficult, but certain aspects of the job don’t need to be.

As part of our sixth consecutive quarterly product release, we’ve released LogRhythm SIEM version 7.14. One of the highlights of the latest release is the SIEM’s ability to streamline Beat log source onboarding in the Web Console.

Simplify Log Source Onboarding 

We’ve been laser-focused on improving the customer experience with LogRhythm SIEM, especially when it concerns log source onboarding. To help save you time and boost the efficiency of your security operations center (SOC), LogRhythm has simplified the process to onboard cloud-native log sources. As part of a new UI, administrators can now onboard cloud log sources through the Web Console.

With LogRhythm 7.14, we’ve removed the technical difficulties of onboarding log sources by bringing the process into a simple wizard-driven experience, cutting your time to onboard log sources in half.

With this updated SIEM capability, you no longer need to navigate through several servers or user interfaces to complete the onboarding process, or search for commands or instructions. Our built-in wizard asks questions and offers guidance for what you need to obtain from the API provider to connect to LogRhythm — all through one screen. This reduces the amount of administrative overhead, allowing you to focus on what’s important.  

Figure 1: Onboard log sources faster than ever in the Web Console with LogRhythm 7.14

 

Figure 2: Administrators can cut their time in half adding log sources via the Web Console with LogRhythm 7.14.

 

Figure 3: Save time onboarding Beats in the Web Console.

 

Figure 4: Edit Beats in the Web Console for a more efficient log source onboarding process.

LogRhythm’s initial release will support 10 log sources, with others to follow in the coming months: 

  • AWS S3 
  • Azure Event Hub 
  • PubSubNop 
  • Microsoft Graph API 
  • Prisma Cloud 
  • Duo Authentication 
  • Carbon Black Cloud 
  • Cisco Secure Endpoint 
  • Proofpoint 
  • Symantec 

Decreasing Reliance on Highly Technical Skills

With ongoing staffing shortages, you need all the resources at your disposal. The latest SIEM feature makes it simple for new SOC analysts and administrators to make configuration changes quickly. In versions prior to LogRhythm 7.14, configuration changes required users to log into the Client Console. Now, log source onboarding can all be done through one workflow using the wizard in the Web Console.

SOC analysts and administrators who are new in their role don’t need to be LogRhythm experts to understand how to onboard Beats and log sources. The intuitive UI and wizard will guide administrators through the process, freeing them up for more time-sensitive tasks.

Paving the Way for Future Enhancements 

The latest feature in LogRhythm 7.14 streamlines the process to onboard log sources in the SIEM, and it’s just the beginning. LogRhythm is bridging the gap to enable the Web Console to handle more administration work, making your job even easier. With the improved Web Console and APIs, watch for more functionality to be re-envisioned in the Web Console that simplifies workflows and processes, allowing you to focus on what matters — protecting your organization from cyberattacks and not tweaking/tuning your SIEM. Existing customers can request a license here and download LogRhythm 7.14 from Community. Information and documentation on the latest SIEM enhancements are available in the Release Notes.

In the coming months, LogRhythm plans to introduce easier workflows to onboard sources that we don’t natively support. Innovation is part of LogRhythm’s core. Stay tuned for more!