LogRhythm 7.8 was the last published version of the SOAP API. LogRhythm is deprecating the SOAP API in favor of more effective and sustainable integration through RESTful APIs. While the SOAP API is still usable in 7.9, we encourage customers and partners using the SOAP API to migrate their integrations to REST APIs. For more information on REST integration, see our REST API documentation.
Using the LogRhythm SOAP API with Windows Authentication requires that the web server be configured to perform cross-machine delegation using Kerberos. The following steps describe the configuration changes required to enable Windows Authentication. Some of these steps require security changes in Active Directory and must be performed by a Domain Administrator. Windows Authentication is only supported if all servers and accounts are members of the same Active Directory forest.
Understanding Kerberos Double Hop
Registering a Service Principal Name for Microsoft SQL Server
Delegation and Impersonation with WCF
Enable Kerberos Event Logging
DelegConfig is a very useful ASP.NET application for validating Kerberos configuration. However, it must be installed and configured on the IIS web server as a .NET 2.0 application.