Skip to main content
Skip table of contents

Global Log Processing Rules

Global Log Processing Rules (GLPR) are a part of the Advanced Data Management settings which provide a way to override settings defined in Classification Based Data Management (CBDM) or Standard Data Management modes (Log Message Source, Log Processing Policy). A GLPR provide a way to apply Data Management settings across all Data Processors, Log Sources and Log Processing Policies to logs that meet your specific criteria.

GLPR overrides are globally applied to log messages that match Classification Criteria (such as Network/Deny, Authentication/Failure, etc), and are customized with Include and/or Exclude Filters for log metadata. This flexibility provides a manageable way to determine how logs are processed throughout the system, regardless of settings used by various Log Sources and/or Log Processing Policies. Logs that do not match the GLPR filters are processed normally per CBDM or Standard Data Management settings.

LogRhythm diagnostic common events are not affected by Global Log Processing rules.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close