Manage Your Preferences

 To manage your Client Console preferences

1. On the My LogRhythm menu, click My Preferences.
2. Configure the properties by accessing the tabs, described in the following tables, and modifying the information you want.

   1. Personal Dashboard tab. The Personal Dashboard tab contains settings related to Personal Dashboard, which can be set to start at startup or accessed by clicking Personal Dashboard on the main toolbar.

      Property	Description
      Refresh Rate	The interval between updates to Personal Dashboard or how long the Client Console waits between refresh cycles before it checks for new events. The Query Timeout setting defines how long the query waits before timing out.
      Alarm Settings	The time period of Alarms to display, and whether to load all or just your alarms. The History setting specifies how much alarm history to load in hours and minutes. The Alarm Cache setting specifies the maximum number of alarms to load and cache in memory. The Only Load Assigned Alarms setting should be selected if you only want to load alarms assigned to your user account.
      Event Settings	The History setting specifies how much event history to load in hours and minutes. The Event Cache setting specifies the maximum number of individual events to cache in memory for immediate analysis via drill-down capabilities. The Aggregate Event Cache setting specifies the maximum number of aggregate events to cache in memory. The Include Diagnostic Events setting should be selected to enable the display of diagnostic events in the Personal Dashboard.

   2. Investigator and Tail tab. The Investigator and Tail tab is where properties specific to Investigations and Tails are selected.

      Property	Description
      Query Settings	Settings pertaining to the querying of logs, such as maximum logs to fetch. The Maximum logs/events to query setting specifies the maximum number of logs/events to query. The Query Timeout setting specifies the amount of time before the query terminates due to a timeout.
      Log/Event Cache	The maximum number of logs that are retained in memory. Logs/events cached in memory are available for immediate analysis via drill-down capabilities. This is very important because the cached logs and events are the only ones available when performing a drill-down Investigation from the Dashboard.
      Aggregate Log/Event Cache	The maximum number of aggregate logs and events to cache in memory. This is very important as the cached aggregate logs and events are the only ones available when performing a drill-down Investigation from the Dashboard.
      Default Log Repositories to Query	The Log Repositories you would like to query by default when you run an Investigation or Tail. Other Data Processors will still be available to be optionally selected, unless they are specifically not allowed to be accessed due to account restrictions.

   3. Regional Settings tab. The Regional Settings tab supports regionalization of date and number formats. These formats are controlled from the Regional Settings tab.

      Property	Description
      Cultures	There are many standard cultures available for selection from the Cultures drop-down box. Selecting a culture changes the date and time and number formats below. If you select a language that is not installed on the Client Console host machine, you may see unexpected results in alpha characters that are part of the date and time formats.
      Date & Time Formats	The Date and Time format is set automatically according to the Culture selected. However, these formats can be modified manually after selecting the Culture. If the date and time show unexpected characters, ensure that the language you selected in the Culture setting is installed on the Client Console host machine.
      Number Formats	The Number format is set automatically according to the Culture selected. However, this format can be modified manually after selecting the Culture.
      Time Zone Settings	The time zones to use as the defaults for Notifications and Reports.

   4. Report Center tab. The Report Center tab allows the user to specify a reporting memory threshold. These adjustments are controlled from the Report Center tab.

      Property

      Description

      Reporting Memory

      Specify the memory limit to enforce during report preparation. If a report query causes Client Console memory usage to exceed the threshold, then the report is rendered with partial data and the label (Sample Dataset) is added to the title page footer. The reporting memory can be set from 0-100% Maximum application memory: LogRhythm Client Console (32-bit) = 1 GB LogRhythm Client Console (64-bit) = installed physical memory Example scenario: 8 GB RAM installed, 50% Reporting Memory LogRhythm Client Console (32-bit) = 0.5 GB report memory threshold LogRhythm Client Console (64-bit) = 4.0 GB report memory threshold

   5. General tab. The General tab contains additional information.

      Property	Description
      Auto Login	If the Automatically login next time check box was selected on the login screen, this button disables it, forcing the login dialog box to appear the next time the Client Console is opened.
      Restore Defaults	Use the buttons to restore settings to their default values for various components. Reset Deployment Monitor Layout Reset Alarm Viewer Layout Reset Log Miner Layout Delete All Saved Investigations Delete All Saved Tails
      Color Themes	Use the default color themes or choose your own.
      Record Count	Chose the number of records to be displayed in the System Monitor and Log Sources grids.
      Filter System Log Sources from Grid Views	Enabling this option will prevent the display of the following log source types in Log Sources grids within the Client Console: LogRhythm Data Loss Defender LogRhythm File Monitor LogRhythm Network Connection Monitor LogRhythm Process Monitor LogRhythm Registry Integrity Monitor LogRhythm User Activity Monitor

3. Click OK.