CIS Controls - Verify the Installation

After you install the Knowledge Base, you can configure the CIS Controls Security Control Suite. This section shows how you can verify that the CIS Controls Security Control Suite was properly installed.

Intelligent Indexing

Intelligent Indexing allows reports, investigations, and tails to keep the appropriate log data online in the Log Manager/Data Processor. Be careful when choosing which object to allow Intelligent Indexing, because broad criteria can cause an exceptional amount of online data and overwhelm the Log Manager/Data Processor. For a list of Intelligent Indexing-capable objects and their recommended settings, see the module matrices.

Check Lists

Verify thirty-three (33) total Lists are contained in the List Manager. The Lists are available in the CCF documentation.

Establish Lists based on the content that is enabled (see the following three sections).

Check AIE Rules

Verify forty-one (41) AI Engine Rules are contained in the Advanced Intelligence (AI) Engine Rule Manager found in the Deployment Manager.

Check Investigations

Verify twenty-nine (29) Investigations are contained in the LogRhythm Client Console.

Check Summary Reports

Verify thirty (30) Summary Reports are contained in the Reports tab of the Report Center.

Check Detailed Reports

Verify five (5) Detailed Reports are contained in the Reports tab of the Report Center.

Check Reporting Packages

Verify four (4) Reporting Packages are contained in the Report Packages tab of the Report Center.