This guide describes how to deploy the LogRhythm UEBA Module. It is for LogRhythm administrators who handle the security of their organization’s infrastructure and for anyone installing and configuring the SIEM.
Module Contents
This module includes:
- 66 AI Engine Rules
- 17 Lists
Prerequisites
The deployment of this module assumes the following:
- The overall LogRhythm deployment is in a fully-developed state and is healthy.
- The LogRhythm version is 7.3.1 or higher.
- The TrueIdentity feature is fully configured.
- LogRhythm’s UEBA feature is fully configured and integrated with your on-premises LogRhythm deployment.
Overview of Steps
This guide is divided into the following sections:
UEBA Deployment Guide - Upgrade Considerations
UEBA Deployment Guide - Import and Synchronize the Module
UEBA Deployment Guide - Configure the Module