This guide describes how to deploy the LogRhythm UEBA Module. It is for LogRhythm administrators who handle the security of their organization’s infrastructure and for anyone installing and configuring the SIEM.

Module Contents

This module includes:

  • 66 AI Engine Rules
  • 17 Lists


The deployment of this module assumes the following:

  • The overall LogRhythm deployment is in a fully-developed state and is healthy.
  • The LogRhythm version is 7.3.1 or higher.
  • The TrueIdentity feature is fully configured.
  • LogRhythm’s UEBA feature is fully configured and integrated with your on-premises LogRhythm deployment.

Overview of Steps

This guide is divided into the following sections:

UEBA Deployment Guide - Upgrade Considerations

UEBA Deployment Guide - Import and Synchronize the Module

UEBA Deployment Guide - Configure the Module