API Log Sources
LogRhythm currently provides configuration guides for more than 20 API log sources, but the SIEM supports many more.
Our goal is to provide a configuration guide for every device the SIEM supports. If your API log source is not included yet, rest assured that we are working on it.
Recently Updated Guides
| Name | Date |
|---|---|
| API - AWS CloudTrail | September 23, 2021 |
| API - AWS CloudWatch Alarm | September 23, 2021 |
| API - AWS Config Event | September 23, 2021 |
| API - AWS S3 CloudTrail (via Flat File) | September 23, 2021 |
| API - AWS S3 Server Access Event | September 23, 2021 |
| API - Office 365 Management Activity (Microsoft) | September 23, 2021 |
| API - Office 365 Message Tracking (Microsoft) | September 23, 2021 |
| API - Office 365 Management Activity (Microsoft) | March 8, 2021 |
Configure LogRhythm to Collect Logs
Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.
These instructions assume you have already completed all procedures described in the specific device configuration guide for the logs you want to collect.
- In the Client Console on the main toolbar, click Deployment Manager.
- Click the System Monitors tab.
- Double-click the System Monitor Agent that collects the information.
The System Monitor Agent Properties dialog box appears. - Click the Agent Settings tab.
- Right-click anywhere in the Log Message Sources Collected by this Agent grid, and then click New.
- Click the Basic Configuration tab.
For Log Message Source Type, select the name of the log as provided in the specific device configuration guide, and then click OK.
Complete any additional steps described in the specific device configuration guide, if applicable.
To save the configuration, click OK, and then click OK again.