Disaster Recovery Installations and Upgrades

LogRhythm’s Disaster Recovery solutions are optimized to meet recovery objectives and minimize resource requirements. They provide an affordable option for enterprise business continuity planning while also providing continuous security monitoring. LogRhythm provides disaster recovery capabilities at each layer of the solution, including mirroring of the deployment configuration data, events and alarms to a secondary site. This allows for continued operation of LogRhythm’s Security Intelligence Platform if the primary site is disrupted. It also allows enterprises to adhere to disaster recovery policies to provide protection in case a primary site fails due to natural or man-made disasters. 

Starting with LogRhythm 7.8, the High Availability (HA) and Disaster Recovery (DR) software was decoupled from the SIEM software. There will no longer be a new upgrade package provided for HA/DR with every SIEM release.

LogRhythm Disaster Recovery Solutions

LogRhythm’s Disaster Recovery Solutions deliver:

• Full operational support of LogRhythm’s Security Intelligence Platform in case of a disaster
  • Synchronization of deployment management across separate sites through industry standard replication technology
    • Rollover of remote data sources, which forward data to secondary sites for seamless failover
    • Access to data, events and alarms with primary system configuration maintained at secondary site
• Customizable recovery point objective (RPO) with minimal loss of data based on customer requirements
• Low recovery time objective (RTO) for minimal service disruption
• Manually initiated failover control through an automated process that leverages an existing DNS infrastructure

Key Features

• Leverages existing components
• Continuous database and login mirroring
• No additional MPS licensing requirements
• Redundancy at every layer
• Collection log management and event management
• Customizable DR deployment options on a per device basis
• Simple/optimized operation & configuration
• A single management console with centralized administration that is available from anywhere
• Efficient bandwidth consumption with encrypted data transfers between sites
• Supported as an add-on to an existing LogRhythm deployment

LogRhythm can be configured to meet both High Availability and Disaster Recovery objectives in order to ensure optimal business continuity and data retention.

High Availability, Disaster Recovery, and HA+DR Release Notes

Version 10.13.0 - February 2024

LogRhythm High Availability, Disaster Recovery, and HA+DR installation packages are independently versioned from the LogRhythm SIEM. The current version of HA, DR, and HA+DR is 10.13.0.

Compatibility Matrix

• LogRhythm SIEM Core Component Versions 7.8+

• Windows Server Operating System Versions: 2012 R2, 2016, 2019 and 2022

• High Availability SIOS Lifekeeper Version: 8.9.1

Support for Windows Server 2008 R2 has been retired with this version.

Enhancements & Resolved Issues

Known Issues

The following issues have each been found and reported by multiple users.