You are here: Getting Started > Integration > Add LCE to SecurityCenter

Add LCE to SecurityCenter

To add your LCE server to SecurityCenter, log into SecurityCenter as the admin user and click on Resources, and then Log Correlation Engines. A screen similar to the one below is displayed with the currently available LCE servers.

The Add button displays a dialog box with the following fields:

Option Description

Name

The unique name that this LCE server will be known as.

Description

Descriptive text for the LCE server.

Host

The IP address of the LCE server.

Note: When the SecurityCenter resides on the same host as the LCE server, it is recommended to use the localhost IP address of 127.0.0.1.

Organizations

Select the customer that this LCE is assigned to from the drop down menu.

Event Vulnerability Data

Import Vulnerabilities

Selecting this box will allow you to configure your LCE use Event data to detect vulnerabilities.

Repositories

This will allow you to select which repository you would like to keep the vulnerability data collected from LCE events.

Event Vulnerability Host

Port

This allows you to configure the port used for communication between SecurityCenter and LCE. The default port is 1243. In the LCE GUI this is known as the Reporter Port.

Username

This is the Reporter Username that was set in the LCE GUI under the Configuration, Advanced, Host Discovery and Vulnerabilities section.

Password

This is known as the Reporter Password which is found in the Configuration, Advanced, Host Discovery and Vulnerabilities section.

An example of this screen is shown below:

After clicking on Submit, the LCE admin credentials (“root” user or equivalent) are requested to establish an authenticated session between SecurityCenter and the LCE. After the LCE server is successfully added, highlight the new LCE server to display options pertinent to that server.

Note: If you are using DNS in your environment, make sure it is configured for reverse DNS resolution to facilitate query speeds. If you are not using DNS, modify the /etc/hosts file to include your SecurityCenter IP address and hostname. For example: 192.168.1.22 SecurityCenter4.example.com SecurityCenter4

More information about SecurityCenter configuration options is available through the “SecurityCenter Administration Guide” available on the Tenable Support Portal.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.