This guide describes how to deploy the LogRhythm UEBAM. It is for LogRhythm administrators who handle the security of their organization’s infrastructure and for anyone installing and configuring the SIEM.

Module Contents

This module includes:

  • 65 AI Engine Rules
  • 17 Lists

Prerequisites

The deployment of this module assumes the following:

  • The overall LogRhythm deployment is in a fully-developed state and is healthy.
  • The LogRhythm version is 7.3.1 or higher.
  • The TrueIdentity feature is fully configured.
  • LogRhythm’s CloudAI feature is fully configured and integrated with your on-premises LogRhythm deployment.

Overview of Steps

This guide is divided into the following sections:

UEBA Deployment Guide—Upgrade Considerations

UEBA Deployment Guide—Import and Synchronize the Module

UEBA Deployment Guide—Configure the Module