Skip to main content
Skip table of contents

Cloud to Cloud Log Collection

Currently, Cloud to Cloud log collection is available only for LogRhythm Cloud customers.

LogRhythm Cloud to Cloud (C2C) facilitates the creation, management, and collection of cloud log source information through a user interface in the Web Console. C2C credentials are used to safely and securely provision an appropriate collection method (either Open Collector with Beats or a System Monitor Agent).

Upon request, LogRhythm Cloud customers will be provided with one fixed-size Open Collector with a maximum collection rate of 2000 MPS. To request the fixed-size Open Collector, contact LogRhythm Support and ask them to create a support case.

In a future release, LogRhythm will host a System Monitor Agent in the cloud for collection of syslog from the Open Collector. This System Monitor Agent will also be able to collect cloud log sources that use the System Monitor Agent as their primary collection method. The Agent will have a maximum collection rate of 5000 MPS. Request for a System Monitor Agent is unnecessary.

As of LogRhythm 7.8.0, the following beats are supported for C2C collection:

  • Azure Event Hub Beat
  • Carbon Black Cloud Beat
  • Cisco AMP Beat
  • Duo Authentication Security Beat
  • Gmail Message Tracking Beat
  • Okta Beat
  • PubSub Beat
  • Sophos Central Beat

API log sources:

  • Office365 Management activity
  • Office365 Message Tracking
  • AWS CloudTrail Events
  • AWS CloudWatch Events and Alarms
  • AWS Config Events
  • AWS Simple Storage Service (S3) Events
  • AWS S3 CloudTrail Events

For more details on configuring and initializing C2C collection using beats, see OCBeats.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.