After you install the Knowledge Base, the NIST Compliance Automation Suite should be ready to configure. This section shows how you can verify that the NIST Compliance Automation Suite has been installed properly.
Intelligent Indexing allows Reports, Investigations, and Tails to keep the appropriate log data online in the Log Manager/Data Processor. Care must be taken when choosing which object to allow Intelligent Indexing as broad criteria can cause an exceptional amount of online data and overwhelm the Log Manager/Data Processor. For a list of Intelligent Indexing-capable objects and their recommended settings, see the module matrices.
Verify thirty-two (32) total Lists are contained in the List Manager. The NIST: All Log Sources List should be populated based on the defined scope of your NIST compliance (see ). All other lists relate to the CCF approach being applied to the NIST Compliance Automation Suite. Not all lists are required and should be applied according to your organization’s defined scope & system classifications.
Check AIE Rules
Verify sixty-nine (69) AI Engine Rules (see NIST—AI Engine Rules) are contained in the Advanced Intelligence (AI) Engine Rule Manager found in the Deployment Manager.
Verify thirty-three (33) Investigations (see NIST—Investigations) are contained in the LogRhythm Client Console.
Check Summary Reports
Verify thirty-five (35) Summary Reports (see NIST—Reports and Reporting Packages) are contained in the Reports tab of the Report Center.
Check Detailed Reports
Verify two (2) Detailed Reports (see NIST—Reports and Reporting Packages) are contained in the Reports tab of the Report Center tab.
Check Reporting Packages
Verify four (4) Reporting Packages (see NIST—Reports and Reporting Packages) are contained in the Report Packages tab of the Report Center tab.