Breadcrumbs

Least Privileged User: PM, High Availability

Purpose

LogRhythm High Availability mode is designed to help protect against Platform Manager downtime caused by planned or unplanned outages. HA uses host-based replication technologies and constant monitoring of critical components and services.

Shared Resources


Read

Write

Read & Execute

Modify

Full Control

Children Inherent

Microsoft SQL





X


Data Volumes

X






SQL Logs

X






Temp DB

X






LogRhythm System





X


Ports

Micro-Service

Protocol

Destination Port

Direction

Operating System

Purpose

Windows File and Print

TCP

135

Bidirectional

Windows/Linux


UDP

137

Bidirectional

Windows/Linux


UDP

138

Bidirectional

Windows/Linux


TCP

139

Bidirectional

Windows/Linux


TCP

445

Bidirectional

Windows/Linux


LifeKeeper

TCP

81

Bidirectional

Windows/Linux

LifeKeeper RMI

TCP

82

Bidirectional

Windows/Linux

LifeKeeper Web Server

TCP

1500

Bidirectional

Windows/Linux

LifeKeeper CommPath

ICMPv4

Any

Bidirectional

Windows/Linux

LifeKeeper ICMPv4

Any

Any

Bidirectional

Windows/Linux

LifeKeeper Java

TCP

TCP

Bidirectional

Windows/Linux

LifeKeeper Ikcmsever

TCP

TCP

Bidirectional

Windows/Linux

LifeKeeper EISM

DataKeeper

TCP

9999

Bidirectional

Windows/Linux


TCP

10003

Bidirectional

Windows/Linux


TCP

1001

Bidirectional

Windows/Linux


Database Access

HA does not communicate directly with a LogRhythm database.

Registry Access


Read Control

Write Owner

Write DAC

Delete

Create Link

Enumerate Subkeys

Set Value

Query Value

Full Control

Children Inherent

HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\Extended Mirroring









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\General









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper]









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\mounts v2









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\mounts v2\/









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\mounts v2\/bin









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\mounts v2\/usr/bin









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\mounts v2\/usr/lib









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Cygnus Solutions\Cygwin\Program Options









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\General









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\JavaGUI









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\JavaGUI\ Server









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\Lkinit









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\app









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\DNS









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\DNS\ DNS.0









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\IP









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\LanMan









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\SQLapp









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\ SQLapp\SQL_ResTag]









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\ VolShare









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\RK\volume









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\LifeKeeper\ RK\WebApp









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SteelEye\Lkinit









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SIOS Technology Corp.









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SIOS Technology Corp.\ LifeKeeper for Windows v8 Update 2 Maintenance 1









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SIOS Technology Corp.\LifeKeeper for Windows v8 Update 2 Maintenance 1\8.2.1









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SIOS Technology Corp.\ SIOS DataKeeper for Windows v8 Update 2 Maintenance 1









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ SIOS Technology Corp.\ SIOS DataKeeper for Windows v8 Update 2 Maintenance 1\8.2.1









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ Steeleye Technology, Inc.









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ Steeleye Technology, Inc.\ LifeKeeper Microsoft SQL Server Recovery Kit v8 Update 2 Maintenance 1









X


HKEY_LOCAL_MACHINE\ SOFTWARE\Wow6432Node\ Steeleye Technology, Inc.\ LifeKeeper Microsoft SQL Server Recovery Kit v8 Update 2 Maintenance 1\8.2.1









X


Other Resources

Additional software requirements are noted below.

LifeKeeper

LifeKeeper provides continuous monitoring of critical resources. This toolset provides the foundation of the LogRhythm HA platform.

DataKeeper

DataKeeper provides volume-level, block-level replication for disk drives, and delivers a shared-nothing solution when used in conjunction with LifeKeeper.

LifeKeeper SQL Recovery Kit

LifeKeeper SQL Recovery Kit provides enhanced functionality to deliver database and process-level monitoring, along with integrated capabilities within the LifeKeeper GUI. The SQL Recovery Kit is only required for EM, LM, and XM appliances.