Least Privileged User: PM, Web Console
Purpose
The Web Console is an HTML-based web application that provides analyst functions similar to the Client Console. There are two primary components to the Web Console: the main web application and the Services Host, which encapsulates and abstracts calls to the Platform Manager and Data Indexer.
Shared Resource
| Read | Write | Read & Execute | Modify | Full Control | Children Inherent | |
|---|---|---|---|---|---|---|
| <LogRhythm Installation Directory Path>\LogRhythm\Web Console | X | |||||
| <LogRhythm Installation Directory Path>\LogRhythm\Web Services | X |
Registry Access
To register the product, the Web Console requires registry access for system dialogs.
Database Access
The Web Console executes queries under the context of the LogRhythmGlobalAnalyst, LogRhythmRestrictedAnalyst, LogRhythmGlobalAdmin, and LogRhythmRestrictedAdmin roles. The actual user who connects to the console may be mapped to one of these roles through AD Sync. All permissions are set as required on the security role by default.
Ports
| Port | Default Port | Inbound/Outbound | Purpose |
|---|---|---|---|
| SSL Port | 8443 | Client SSL Requests | Primary port for accessing the Web Console |
| Influx DB | N/A | Outbound | Provides stats to Data Indexer |
Other Resources
The Web Console has dependencies on several prerequisites, including Java, NGINX, and Node.js. No other system access is required.