Skip to main content
Skip table of contents

GPG-13 Deployment Guide – Install the Package


The GPG-13 Pre-Implementation section summarizes the collection of infrastructure details needed to configure the GPG-13 Advanced Compliance Suite. It should be noted that LogRhythm offers the GPG-13 Advanced Compliance Suite out-of-the-box to LogRhythm customers.

The LogRhythm GPG-13 Advanced Compliance Suite provides bundled Alarms, Investigations, and Reports to help demonstrate regulatory compliance. The GPG-13 Auditor will check for specific line-item regulations to be met by LogRhythm.

Pre-Implementation

The Pre-Implementation Checklist is used to collect all necessary infrastructure details used to configure the GPG-13 Advanced Compliance Suite. During this phase, the following items should be collected:

  • Log Source Lists
  • User Lists

Install and Enable the Compliance Module

The GPG-13 Advanced Compliance Suite is provided as part of the LogRhythm Knowledge Base (KB). Updating the KB automatically creates the proper Lists, AI Engine Rules, Investigations, Reports, Reporting Packages, and Tails.

  1. Download the latest Knowledge Base, available under Documentation & Downloads on the LogRhythm Community.
  2. Open the LogRhythm Console.

  3. On the Tools menu, click Knowledge, and then click Knowledge Base Manager.

    To open the Knowledge Base Manager, the Deployment Manager must be closed.

  4. On the File menu, click Import Knowledge Base File.
  5. Select the newly downloaded Knowledge Base file, and then click Next to unpack and validate it.
    This step takes a few minutes as the system unpacks the new Knowledge Base.
    When the import is complete, you may have the option to preview common event changes.
    You should now be on step 4, “Import Knowledge Base.”
  6. To import the Knowledge Base, click Next.
    Upon completion, the Import Progress Import Completed message appears.
  7. Click OK.
    The Knowledge Base Updated message appears.
  8. Click OK.
  9. On the Knowledge Base Import Wizard, click Close.
  10. In the Knowledge Base Modules grid, scroll down, and search for GPG-13 Advanced Compliance Suite.
  11. Locate the Enabled column in the grid for the module. If the box is checked, the Module is already enabled and available to users in the SIEM deployment. If the Enabled box is not checked, enable the Module by selecting its Action check box, right-clicking the Module name, then clicking Actions, and clicking Enable Module.
  12. To import the Knowledge Base, click Next.
    You will receive confirmation that the import was successful.
  13. To review common event changes, click Next, or close the Knowledge Base import dialogue box.

Verify the Installation

After you install the Knowledge Base, the MAS-TRMG Compliance Automation Suite should be ready to configure. This section shows how you can verify that the GPG-13 Advanced Compliance Automation Suite has been installed properly.

Check Lists

Verify twenty-two (22) total Lists are contained in the List Manager. 

Check AIE Rules

Verify twenty-nine (29) AI Engine Rules are contained in the Advanced Intelligence (AI) Engine Rule Manager found in the Deployment Manager.

Check Investigations

Verify twelve (12) Investigations are contained in the LogRhythm Client Console.

Check Reports

Verify one-hundred four (104) Reports are contained in the Reports tab of the Report Center tab.

Check Reporting Packages

Verify two (2) Reporting Packages are contained in the Report Packages tab of the Report Center tab.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close