Configure the Connection to LogRhythm

To configure the connection between the Threat Intelligence Service and LogRhythm:

1. If it is not already running, launch the Service Manager. For more information, see Launch the Service Manager.

2. Click the File menu, and then click LogRhythm Service Configuration. 
   The LogRhythm Server Configuration dialog box appears.

   

   UNC paths are supported for remote directories, and the account that is running the service must have access to this path to write lists. The path is validated in the Service Manager when the service starts. If the path is unreachable or if the service does not have access to it, the service will not start.

3. Enter the connection details as described in the table below.

   Parameter	Description
   Server	The host name of the Event Manager or Platform Manager appliance. Type localhost if the Threat Intelligence Service is installed locally on the appliance.
   Database	The name of the Event Manager or Platform Manager database, which is usually LogRhythmEMDB.
   Log in with Windows account	Select the check box to log in with your current Windows account credentials.
   User Name	If not using a Windows account, type LogRhythmJobMgr or the SQL user you created with permissions to edit the Lists table in EMDB. To grant these permissions, assign the LogRhythmGlobalJobMgr to the account.
   Password	The password for the account specified in the User Name box.

4. Click Test Connection. If the test fails, ensure the connections details are correct and test the connection again.

5. In the List Path box, type the file path where you want the Threat Intelligence Service to create its threat feed lists. This should be the Job Manager's list_import directory.
   The default path is C:\Program Files\LogRhythm\LogRhythm Job Manager\config\list_import\. If the service is not installed locally on the Event Manager or Platform Manager appliance, enter a UNC path to the Job Manager’s list_import directory (for example, \\Server1\list_import\).

   

   The directory specified in the List Path box must be on a Windows host.

6. Click Next to save the configuration and close the dialog box.