CIS Controls - Install and Enable the Compliance Module
The CIS Controls Security Control Suite is provided as part of the LogRhythm Knowledge Base. Updating the LogRhythm Knowledge Base automatically creates the proper Lists, AIE Rules, Investigations, Reports, and Reporting Packages. Follow the instructions below to Import the Knowledge Base.
- Download the latest Knowledge Base, available under Documentation & Downloads on the LogRhythm Community.
- Open the LogRhythm Client Console.
On the Tools menu, click Knowledge, and then click Knowledge Base Manager
To open the Knowledge Base Manager, the Deployment Manager must be closed.On the File menu, click Import Knowledge Base File.
Select the newly downloaded Knowledge Base file, and then click Next to unpack and validate it.
This step takes a few minutes as the system unpacks the new Knowledge Base.
When the import is complete, you may have the option to preview common event changes.
You should now be on step 4, Import Knowledge Base.To import the Knowledge Base, click Next.
Upon completion, the Import Progress Import Completed message appears.Click OK.
The Knowledge Base Updated message appears.Click OK.
On the Knowledge Base Import Wizard, click Close.
In the Knowledge Base Modules grid, scroll down, and search for CIS Controls Security Control Suite.
Locate the Enabled column in the grid for the desired module.
If the box is checked, the Module is already enabled and available to users in the SIEM deployment.
If the Enabled box is not selected, enable the Module by selecting its Action check box, right-clicking the Module name, clicking Actions, and then clicking Enable Module.To import the Knowledge Base, click Next.
You receive confirmation that the import was successful.To review common event changes or close the Knowledge Base import dialogue box, click Next.