Breadcrumbs

Least Privileged User: PM, Job Manager

The Job Manager runs scheduled report jobs and other background functions, such as automated list imports and heartbeat monitoring. You can schedule report packages to run and be delivered automatically using the Scheduled Report Job Manager. The Job Manager then creates, exports, notifies, and delivers the reports.

Purpose

The Job Manager is a master scheduler for LogRhythm and executes a variety of functions to keep the system operational.

The Job Manager configuration and state file directories are configurable. In addition, the report path may be moved off-server.

Shared Resources


Read

Write

Read & Execute

Modify

Full Control

Children Inherent

<LogRhythm Installation Directory Path>\LogRhythm\LogRhythm Job Manager





X


<LogRhythm Report Path>





X


Registry Access


Read Control

Write Owner

Write DAC

Delete

Create Link

Enumerate Subkeys

Set Value

Query Value

Full Control

Children Inherent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
services\lrjobmgr

X

X

X

X

X

X

X

X


X

HKEY_LOCAL_MACHINE\System\CurrentControlSet\
services\eventlog\Security

X

X

X

X

X

X

X

X


X

HKEY_LOCAL_MACHINE\System\CurrentControlSet\
services\eventlog\Application

X

X

X

X

X

X

X

X


X

HKEY_LOCAL_MACHINE\System\CurrentControlSet\
Services\WinSock2\Parameters

X

X

X

X

X

X

X

X


X

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\
Microsoft\Windows NT\CurentVersion\Perflib

X

X

X

X

X

X

X

X


X

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Perflib

X

X

X

X

X

X

X



X

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
services\.NET CLR Data

X









X

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
services\.NET CLR Networking

X









X

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
service\.NET CLR Networking 4.0.0.0

X









X

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
services\.NET Data Provider for Oracle

X









X

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
services\.NET Data Provider for SqlServer

X









X

Database Access

The Job Manager uses the LogRhythmJobMgr database user and the LogRhythmGlobalJobMgr security role to access the LogRhythm EM databases (EMDBs). All permissions are set as required by the default security role.

Ports

If the Knowledge Base updates are pulled from online (rather than locally), the Job Manager will need the following configuration.

Port

Default Port

Inbound/Outbound

Purpose

HTTP

80

Bidirectional

Access and downloading online KB updates

HTTP/SSL

443

Bidirectional

Access and downloading online KB updates over SSL

SMB

445

Bidirectional

Used for Windows file sharing

AD Sync

389, 636

Outbound

Connection to Global Catalog Server for Active Directory Sync

Other Resources

The Job Manager does not access any external third-party systems.