Least Privileged User: PM, Advanced Intelligence Engine

The Job Manager runs scheduled report jobs and other background functions, such as automated list imports and heartbeat monitoring. You can schedule report packages to run and be delivered automatically using the Scheduled Report Job Manager. The Job Manager then creates, exports, notifies, and delivers the reports.

Purpose

The AIE is a rules engine that processes logs to generate alerts based on complex rule workflows. The AIE service runs on the PM system or a separate appliance, and has no external communications with services or systems other than the EMDBs.

Shared Resource

Note that the AIE and AIE Communication Manager services share directories for configuration, state, and data files. These directories can be configured in the AIEngine Configuration Manager. This guide refers to the default settings.


Read

Write

Read & Execute

Modify

Full Control

Children Inherit

<LogRhythm Installation Directory Path>\LogRhythm\LogRhythm AI Engine

X





X



The Communication Manager writes data files read by the AIE engine. By default, this directory is part of the path above. However, you can configure the AIE system to use a separate directory. If you change the directory, both the AIE and the AIE Communication Manager services will need access to this directory.

Registry Access


Read Control

Write Owner

Write DAC

Delete

Create Link

Enumerate Subkeys

Set Value

Query Value

Full Control

Children Inherit

HKEY_LOCAL_MACHINE\SOFTWARE\LogRhythm\lraiecommgr

X





X


X


X

HKEY_LOCAL_MACHINE\SOFTWARE\LogRhythm\lraieengine

X





X


X


X
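
To compare a host against the directory and registry tables above, the script below (an added example, not LogRhythm tooling) lists the Allow entries held by the service account on the AI Engine directory and the two registry keys, using this page's column names. The account name and install root are assumptions to replace; the registry columns are mapped to the equivalent .NET `RegistryRights` flags.

```powershell
# Added example for auditing; not LogRhythm tooling.
param(
    [string[]]$Accounts    = @('CONTOSO\svc-lraie'),  # hypothetical service account(s)
    [string]  $InstallRoot = 'C:\Program Files'       # assumed <LogRhythm Installation Directory Path>
)
$fsCols = [ordered]@{    # page column -> FileSystemRights flag
    'Read' = 'Read'; 'Write' = 'Write'; 'Read & Execute' = 'ReadAndExecute'
    'Modify' = 'Modify'; 'Full Control' = 'FullControl'
}
$regCols = [ordered]@{   # page column -> RegistryRights flag
    'Read Control' = 'ReadPermissions'; 'Write Owner' = 'TakeOwnership'
    'Write DAC' = 'ChangePermissions'; 'Delete' = 'Delete'; 'Create Link' = 'CreateLink'
    'Enumerate Subkeys' = 'EnumerateSubKeys'; 'Set Value' = 'SetValue'
    'Query Value' = 'QueryValues'; 'Full Control' = 'FullControl'
}
function Get-GrantRow {
    param([string]$Path, [System.Collections.IDictionary]$Columns, [string]$RightsProperty)
    if (-not (Test-Path -LiteralPath $Path)) { Write-Warning "Not found: $Path"; return }
    # Only Allow ACEs that name the account directly are listed;
    # access obtained through group membership is not resolved here.
    $rules = (Get-Acl -LiteralPath $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $Accounts -contains $_.IdentityReference.Value }
    foreach ($rule in $rules) {
        $granted = $rule.$RightsProperty
        $row = [ordered]@{ Resource = $Path; Identity = $rule.IdentityReference.Value }
        foreach ($col in $Columns.Keys) {
            $flag = [Enum]::Parse($granted.GetType(), $Columns[$col])
            # HasFlag is true only when every bit of the (possibly composite) right is present
            $row[$col] = if ($granted.HasFlag($flag)) { 'X' } else { '' }
        }
        $inherit = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit
        $row['Children Inherit'] = if ($rule.InheritanceFlags.HasFlag($inherit)) { 'X' } else { '' }
        [pscustomobject]$row
    }
}
Get-GrantRow "$InstallRoot\LogRhythm\LogRhythm AI Engine" $fsCols 'FileSystemRights' |
    Format-Table -AutoSize
'lraiecommgr', 'lraieengine' |
    ForEach-Object { Get-GrantRow "HKLM:\SOFTWARE\LogRhythm\$_" $regCols 'RegistryRights' } |
    Format-Table -AutoSize
```

A Modify grant also marks Read, Write and Read & Execute, because those rights are subsets of it. If the data directory has been moved in the AIEngine Configuration Manager, run the directory check against that path for both service accounts.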

Database Access

The AIE service uses the LogRhythmAIE database user and the LogRhythmGlobalAIE security role to access the LogRhythm EMDBs. All permissions are set as required by the default security role.

Ports

The AIE service does not directly communicate with any other system through dedicated ports.

Other Resources

The AIE service does not require any other privileges or permissions.