Skip to main content
Skip table of contents

PCI DSS 4.0 User Guide – LogRhythm GeoIP Functionality


LogRhythm Geolocation is a key function in enterprise log management and SIEM that equips the organization to establish global awareness. You can use network visualization and relationship mapping to establish customized geolocation settings. LogRhythm Professional Services can help you set up the GeoIP Resolution to the country level so you to achieve global event awareness without bogging down your SIEM. With the specific guidelines recommended in the PCI DSS 4.0 publication, geolocation functionality can serve many purposes for an organization maturing its security posture.

For example, you can monitor inbound traffic from countries with strict data protection laws or with known high risk for malicious activity to ensure you are adhering to PCI DSS 4.0 regulations and following its policies. The PCI DSS 4.0 module contains AIE rules and alarms designed to notify appropriate individuals if new data subjects enter personal data into your environment. This functionality empowers your organization to apply policies and ensure you are in compliance with the PCI DSS 4.0 data protection requirements.

To use GeoIP functionality, a LogRhythm administrator must enable the feature in the Data Processor’s advanced settings. When applying the GeoIP functionality to the deployment, choose a level of granularity that fits your resources and requirements. From least to most granular, the following settings can be established: Country, Region, and City. When you add this location context to pertinent log data, it can be a vital tool that can be used to meet various log monitoring objectives.

Refer to LogRhythm’s Geolocation Feature Description: LogRhythm GeoLocation Visualization

AIE Rules

Notification Area

Corresponding Investigation

CCF: GeoIP Blacklisted Region Activity

Security : Suspicious

CCF: GeoIP Inv

CCF: GeoIP General Activity

Security : Suspicious

CCF: GeoIP Inv


There are other enhanced LogRhythm capabilities that can be utilized as your organization’s compliance and security programs mature. These are discussed in more detail within the PCI DSS 4.0 Deployment Guide.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.