The LogRhythm Web Console allows you to monitor network log activity from supported browsers on desktop computers and laptops.
To support the most common end-user activities, the Web Console offers a customizable user interface with colorful visualizations and a range of powerful analytical and forensic features, including the following:
- Critical data analysis tools, vibrant charts and graphs, and quick access to raw logs. Sift through tens of thousands of data rows without the hindrance of pagination. An array of grid tools helps reduce the time that you need to make informed determinations about network activities.
- Multiple real-time, interchangeable dashboard layouts. You can create and share dashboard layouts to support different information needs.
- Dedicated alarm management with SmartResponse action integration and a streamlined interface for viewing, filtering, and sorting alarms.
- Collaborative forensic tools for identifying suspicious logs, collecting evidence, and building cases around network activities that appear to be related to the same threat.
- User-created saved and shared searches for routine queries.
- Direct web access to authorized report packages. Download available reports in PDF format or create and run new searches based on their reporting filters.
- Direct web access to browse, view, create, and edit lists used in searches, alarms, and more. Add values to lists directly from the Analyzer grid.
LogRhythm currently supports up to three Web Console instances with 60 concurrent users. However, other usage limitations apply. For more information, see the Web Services Host API information in the Configuration Manager.
Getting Started in the Web Console
The Get Started with LogRhythm SIEM section of the LogRhythm SIEM Help provides information on the following Web Console topics:
- Logging in
- Supported browsers
- Smart Cards
- Multi-factor authentication
- Verifying the Web Console connection
- Integrating NetMon with the Web Console
Web Console vs. Client Console Tasks
LogRhythm SIEM Task
|Client Console||Web Console|
|Viewing alarms (including opening, closing, and commenting)||X||X|
|Defining alarm rules||X|
|Configuring and administering LogRhythm SIEM||X|
|Monitoring system health||X||Limited|
|Case collaborating and management||X|
The Web Console logins are associated with the same User Profiles defined in the Client Console. For more information, see the Object Permissions Manager topic in the SIEM Help.