Skip to main content
Skip table of contents

SOX Deployment Guide – Import and Synchronize the Module

Gather Information Before Deploying the Module

Use the pre-implementation checklist to gather the following information should be gathered prior to implementing the User Threat Detection Module. This information is required when populating Lists and configuring individual AI Engine Rules:

  • Log Sources
  • Entities
  • Users
  • General Values

Import the Module

The SOX Module is part of the LogRhythm Knowledge Base (KB). Updating the KB automatically creates the proper Lists and AI Engine Rules.

  1. Download the newest Knowledge Base from the LogRhythm Community.
  2. Open the LogRhythm Console.

  3. In the Client Console on the Tools menu, click Knowledge, and then click Knowledge Base Manager.

    To open the Knowledge Base Manager, the Deployment Manager must be closed.

  4. On the File menu, click Import Knowledge Base File.
  5. Select the newly downloaded Knowledge Base file, and then click Next to unpack and validate it. 
    This step takes a few minutes as the system unpacks the new Knowledge Base.
  6. When the import is complete, you may have the option to preview common event changes. 
    You should now be on step 4 in the Knowledge Base Import Wizard, “Import Knowledge Base."
  7. Scroll down, select Compliance Automation Suite: SOX, and then click OK.
  8. To import the Knowledge Base, click Next.
    You will receive confirmation that the import was successful.
  9. Click Next to review common event changes, or close the Knowledge Base import dialog box.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close