Skip to main content
Skip table of contents

LogRhythm UEBA

CloudAI is now named LogRhythm UEBA.

However, both names are referenced in our documentation. While the product name is now LogRhythm UEBA, the user interface (UI) continues to reference CloudAI.

Formerly known as CloudAI, LogRhythm UEBA is a cloud-native anomaly detection engine designed to complement the existing UEBA detection capabilities available in AIEngine correlation rules. LogRhythm UEBA is LogRhythm’s advanced user entity behavior analytics (UEBA) solution, and it integrates seamlessly with the LogRhythm SIEM. 

With the dramatic increase in the number of cyberattacks and their advancement in complexity and sophistication, it’s crucial to expand detection capabilities with advanced analytics such as machine learning (ML). As reinforced by the MITRE D3FEND Framework™, anytime threat detection related to user behavior requires you to search for statistical outliners that aren’t obvious, or to make a comparison against a user’s baseline, you need to use advanced analytics. 

LogRhythm UEBA, a cloud-native add-on to the LogRhythm SIEM Platform, uses ML to detect anomalies related to potential user attacks such as insider threats, compromised accounts, administrator abuse, and misuse. Together, LogRhythm UEBA and the field-proven threat models of the LogRhythm SIEM AI Engine deliver holistic analysis and deep visibility into user activity and outliers that would otherwise go undetected. LogRhythm UEBA detects changes in user behavior that signal potential threats. Analysts can use the individual anomaly scores and a summary user score to prioritize anomalies for investigation and response.

Its components are installed with the Data Indexer (DX) during a LogRhythm Enterprise installation, and LogRhythm Support performs all necessary configuration for data collection at the time you purchase a license; until then, the services installed with the DX are disabled.

For more information, see the LogRhythm UEBA product data sheet:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.