Skip to main content
Skip table of contents

Configure the Threat Intelligence Service Whitelist

The LogRhythm Threat Intelligence Service includes a whitelist configuration file that filters out trusted IP addresses and IP ranges.

To add trusted IP addresses and ranges to the whitelist configuration file:

  1. Go to the file path specified in the Threat Intelligence Service configuration. The default path is C:\Program Files\LogRhythm\LogRhythm Threat Intelligence Service\config\. For more information about configuring the Threat Intelligence Service connection, see Configure the Connection to LogRhythm.
  2. Open the whitelist.json file in a text editor (e.g., Notepad) to add IP addresses or ranges to the whitelist.
  3. To add single IP addresses to the whitelist, type the following after "WLIPAddresses": [:
    {"
    Address": "xx.xx.xx.xx"
    },
    where "xx.xx.xx.xx" is the trusted IP address.
  4. To add a range of IP addresses to the whitelist, type the following after "WLIPRanges": [:
    {"
    Range": "xx.xx.xx.xx - xx.xxx.xxx.xxx"
    },
    where "xx.xx.xx.xx - xx.xxx.xxx.xxx" is the trusted IP range.
  5. Save the whitelist.json file.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close