Skip to main content
Skip table of contents

Configure Database Access

Security best practice is to use a unique domain account for each LogRhythm SQL account described in the table below to reduce the impact in the event of an account compromise. However, you can use a single domain service account for all LogRhythm SQL accounts.

Each service to be run under Integrated Security requires database access. To create database logins and users:

Create the LogRhythm User Record in SQL

  1. On the main toolbar of the Client Console, click Deployment Manager.

  2. Click the People tab.

  3. On the File menu, click New.
    The Is Person an Individual? dialog box appears.

  4. Click Yes for a user account.
    The Person Properties dialog box appears.

  5. Enter a name for the user account.

  6. Click Create, and then click OK.

  7. Right click on the new Person Record you just created, and then click Create User Account.

  8. Check the Windows Account check box.

  9. Assign the account Global Admin Permission.

  10. Click on the button to the right of the User Login box.

  11. Provide valid AD credentials to search AD for the service account.

  12. Select the service account from the listing.

  13. Click OK.

  14. Click Apply.

  15. Click OK.

Add SQL Permissions to the User Account

To Add the privileges necessary for Integrated Services to work properly, use SQL Server Management Studio to add the permissions to the service accounts.

  1. On the LogRhythm Platform Manager. log in to SQL Server Management Studio under an account that is either a member of the sysadmin fixed server role or is a member of the LogRhythmGlobalAdmin security role.
  2. Expand the Security node and then the Logins node to view the SQL logins.
  3. Right-click the Logins node, and then click New Login.
  4. On the General settings page, select Windows authentication.
    The Active Directory or local Windows account name created for the LogRhythm Job Manager Service should be in the Login box.
  5. To browse for local or Active Directory accounts, click Search.
  6. Set the default database to LogRhythmEMDB.
  7. On the left side, click Server Roles and ensure only public is selected.
  8. On the left side, click User Mapping.
  9. Select the Map check box for each of the Platform Manager databases. 
  10. In the lower window, assign the following role memberships for each of the mapped databases for the LogRhythm SQL accounts you want to run under Integrated Security.
    1. LogRhythm_Alarms
      • LogRhythmGlobalAdmin
      • LogRhythmGlobalAIE
      • LogRhythmGlobalAIEDrillDownCache
      • LogRhythmGlobalCaseAPI
      • LogRhythmGlobalJobMgr
      • LogRhythmGlobalNotification
      • LogRhythmGlobalWebUI
      • public
    2. LogRhythm_CMDB
      • LogRhythmGlobalAdmin
      • LogRhythmGlobalCaseAPI
      • LogRhythmGlobalCaseAPIAdmin
      • LogRhythmGlobalCaseAPIMaintenance
      • LogRhythmGlobalJobMgr
      • LogRhythmGlobalWebUI
      • public
    3. LogRhythm_Events
      • LogRhythmGlobalAdmin
      • LogRhythmGlobalAIE
      • LogRhythmGlobalCaseAPI
      • LogRhythmGlobalJobMgr
      • LogRhythmGlobalWebUI
      • public
    4. LogRhythm_LogMart
      • LogRhythmGlobalAdmin
      • LogRhythmGlobalAIE
      • LogRhythmGlobalJobMgr
      • LogRhythmGlobalWebUI
      • public
    5. LogRhythmEMDB
      • LogRhythmGlobalAdmin
      • LogRhythmGlobalAIE
      • LogRhythmGlobalARM
      • LogRhythmGlobalCaseAPI
      • LogRhythmGlobalMPE
      • LogRhythmGlobalNGLM
      • LogRhythmGlobalNotification
      • LogRhythmGlobalThreatAPI
      • LogRhythmGlobalWebServiceAdmin
      • public

    The LogRhythm System Monitor does not access the LogRhythm databases; therefore, database access does not need to be granted for this service.

  11. Click OK to save the new login and database users.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close