Every quarter, LogRhythm improves customers’ experiences with new innovations that save users time and ease their workflow. With our fifth consecutive quarterly product release, LogRhythm is continuing the momentum with LogRhythm SIEM version 7.13, which features improvements to log source onboarding and log source management.
LogRhythm 7.13 features a new engine in the SIEM that can ingest JSON data significantly faster than before, a data processor pooling system that automatically distributes logs across data processors, and new and updated supported log sources, enabling you to focus on threat detection, investigation, and response.
We understand the challenges you face onboarding log sources. That’s why the team has made it even easier to ingest cloud-native log sources. As part of LogRhythm 7.13, we’ve embedded a JSON parsing engine into System Monitor, the SIEM’s collection system. The new engine, available to self-hosted and LogRhythm Cloud customers, reduces complexity and offers a significant performance increase. You no longer need to rely on the JQ language to define parsers. The latest update simplifies the workload and administration needed to onboard data. LogRhythm Cloud customers can use the new JSON parsing engine via on-prem Open Collectors and System Monitors. Cloud to Cloud collection will be updated at a later time.
Your agents are your workhorses as they collect data and ship the data to a data processor, which handles the parsing. But there had not been a good way to load balance these agents across multiple data processors — until now.
With LogRhythm 7.13, LogRhythm introduces Data Processor Pooling, a new feature that lets administrators define a pool of one or more data processors to allow a single agent to collectively send its data to a group of data processors. When an agent is assigned a Data Processing Pool, the agent will spread the logs across the data processors. This removes the need to manually review agent volumes and adjust which data processors the agents are sending to, saving you time. The feature is available to both self-hosted and LogRhythm Cloud customers.
To further support LogRhythm’s work to introduce additional client console functionality into the web console, LogRhythm created an Agents page that lets self-hosted and LogRhythm Cloud customers see and search through System Monitors in the web console, saving them the time spent switching between consoles. Customers can select an Agents administration page to view and do the following:
At LogRhythm, we take data seriously. And when it comes to retaining data, it’s important that customers find their data—especially older data—easily. With LogRhythm 7.13, customers who use our self-hosted SIEM option now have access to SecondLook, a tool that enables users to query data and search it in the archives, in the web console.
Customers that use this SecondLook feature can now search through their archives using the web console instead of the client console. This saves customers the time spent pivoting between consoles and passes SecondLook searches off to a dedicated service for a more reliable user experience. The latest release follows the launch of SecondLook in the web console to LogRhythm Cloud customers earlier this year as part of the LogRhythm 7.11 release.
To boost your performance, LogRhythm has updated the operating systems installed on LogRhythm appliances. Over time, operating systems become outdated, making past versions unsupported. With the release of 7.13, LogRhythm is supporting and installing Microsoft Server 2022, Microsoft SQL Server 2019, and Rocky Linux. For customers that prefer the open-source version of Linux, Data Indexers and Open Collector support Rocky Linux 9 and RHEL 9. For customers with RHEL licenses, LogRhythm SIEM supports RHEL 9.
We’ve also added additional support for System Monitor, which includes Windows 2022, Windows 11, Rocky Linux 9, and RHEL 9.
LogRhythm is continuing to review our supported log sources and make updates to strengthen our correlation and analysis. Our new and enhanced methods of ingestion include:
Get the latest features in LogRhythm 7.13! If you are an existing customer, you can request a license here and download LogRhythm 7.13 from Community. To keep your software current, LogRhythm’s Professional Service team can help you stay up to date with our SIEM releases every quarter — seamlessly and on your schedule with our Unlimited Upgrades Service. Customers can also get details on the latest LogRhythm product news and influence future features by visiting LogRhythm’s Innovation Portal.
Not a customer? You can still find out more about LogRhythm’s full suite of product releases for LogRhythm SIEM, LogRhythm Axon, and LogRhythm NDR by registering for the July 2023 Quarterly Launch webinar or visiting our What’s New webpage.