Skip to main content
Skip table of contents

Log Collection in Web Console

LogRhythm version 7.14 introduces Open Collector and SIEM integration, allowing users to view and manage Open Collectors and Beats from the Web Console. After updating the SIEM to 7.14 and the Open Collector to the latest version, the Long-Running LRCTL service needs to be configured and initialized. This service runs in the background on the Open Collector and manages the configurations applied in the LogRhythm Web Console.

You must initialize the Long-Running LRCTL service to work with Open Collectors and Beats in the Web Console. For instructions on how to initialize the service, see Configure Open Collector Connection to the SIEM.

The following Beats are available to configure in the Web Console:

  • AWS S3

  • Azure Event Hub

  • Carbon Black Cloud

  • Cisco AMP

  • Darktrace

  • Duo Authentication Security

  • Gmail Message Tracking

  • GSuite

  • Kafka

  • Microsoft Graph API

  • Okta

  • Prisma Cloud

  • Proofpoint

  • PubSub

  • Qualys FIM

  • Sophos Central

  • Symantec WSS

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.