Skip to main content
Skip table of contents

User and Entity Behavior Analytics

The User and Entity Behavior Analytics Module (UEBAM) is a collection of AI Engine rules designed to detect unusual or malicious user activity that is occurring within your organization.

The UEBA Module contains licensed content that is available only to customers with a valid subscription.

Module Revisions

The following table summarizes the changes that have been made since the last release (3.3) of the User and Entity Behavior Module.

AIE Rule ID

AIE Rule Name

New

1598LogRhythm Intelligence and File (NGFW) Detection
1599LogRhythm Intelligence and Location Watch List
1600LogRhythm Intelligence and Recent User Location
1601LogRhythm Intelligence and Sensitive Data (NGFW) Detection
1602LogRhythm Intelligence and User Recently Added to a Privileged Group
1603LogRhythm Intelligence and User related Security Classification Event:Impacted User
1604LogRhythm Intelligence and User related Security Classification Event:Origin User
1605LogRhythm Intelligence Multiple O365 Downloads
1606LogRhythm Intelligence Multiple O365 Files Del:1st
1607LogRhythm Intelligence Multiple O365 Files Del:2nd
1608LogRhythm Intelligence New Host & User Pass Change
1609LogRhythm Intelligence Threat Event
1610LogRhythm Intelligence Threat Event and Identity Lists
1611LogRhythm Intelligence User Score & Pass Modified
1612LogRhythm Intelligence Multiple User Threat Events

UEBA Module Contents

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.