Skip to main content
Skip table of contents

Least Privileged User: PM, AIE Communication Manager

The Job Manager runs scheduled report jobs and other background functions, such as automated list imports and heartbeat monitoring. You can schedule report packages to run and be delivered automatically using the Scheduled Report Job Manager. The Job Manager then creates, exports, notifies, and delivers the reports.

Purpose

The AIE Communication Manager is a message broker between the log Mediators and the AIE service. This service receives log messages and writes them into the AIE archive format for use by the AIE service.

Shared Resource

The AIE and AIE Communication Manager services share directories for configuration, state, and data files. These directories can be configured in the AI Engine Configuration Manager tool. This guide refers to the default settings.


ReadWriteRead & ExecuteModifyFull ControlChildren Inherent
<LogRhythm Installation Directory Path>\LogRhythm\LogRhythm AI Engine



X

The AIE Communication Manager writes data files read by the AIE. By default, this directory is part of the path above. However, you can configure the AIE system to use a separate directory. If you change the directory, both the AIE and the AIE Communication Manager services will need access to this directory.

Registry Access


Read ControlWrite OwnerWrite DACDeleteCreate LinkEnumerate SubkeysSet ValueQuery ValueFull ControlChildren Inherent
KEY_LOCAL_MACHINE\
SOFTWARE\LogRhythm\
lraiecommgr
X



X
X
X
HKEY_LOCAL_MACHINE\
SOFTWARE\LogRhythm\
lraieengine
X



X
X
X

Database Access

The AIE Communication Service uses the LogRhythmAIE database user and the LogRhythmGlobalAIE security role to access the LogRhythm CM database. All permissions are set as required by the default security role.

Ports

The AIE Communication Manager service must communicate with any Data Processor Mediator services that provide source data. These ports can be configured through the Console‚Äôs Deployment Manager. Click the AI Engine tab in the top ribbon, and then click the Servers tab in the bottom ribbon. Select and right-click on the AIE server, and then click Properties. When the AI Engine Server Properties dialog box appears, click Advanced.

PortDefault PortInbound/OutboundPurpose
Client Management Port30000Inbound from Mediator(s)Listener port for AIE to receive management communications from the log or Console
Client Data Port30001Inbound from Mediator(s)Listener port for AIE to get active logs from registered log Mediators

Other Resources

The AIE Communication Manager service does not require any other privileges or permissions.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.