You are here: Features > Configuration > Basic Configuration

Basic Configuration

The Basic Configuration section comprises the essential configuration needed for an LCE server to function. The items in this section are addressed in the initial Quick Setup, but can be changed in this section at a later time if the need arises.

Each menu option for the Basic section is covered in detail below.

Option Description

Server Address

This option allows you to specify the IP address of the network interface(s) on which lced and lce_report_proxyd will listen. More than one interface may be specified on separate lines:

 

127.0.0.1

172.0.0.2

 

By default, or if left blank the above LCE services will listen on all available network addresses.

LCE Client Port

This option specifies the port number that lced listens on. By default, it is set to 31300, but may be reset to another value.

UDP Syslog Port

LCE listens for UDP syslog traffic on the standard port of 514 by default. If the environment requires the LCE to listen on a different port, this setting may be changed.

TCP Syslog Port

This setting determines the port to listen on for reliable syslog messages via the TCP protocol.

Encrypted TCP Syslog Listen Port

This setting determines the port for receiving encrypted TCP syslog traffic. The default port for encrypted syslog over TLS is 6514 per RFC5425, but the port may be altered if required.

SNMP Port  

Include Networks

The following sections define your internal network range. All networks specified in the first section are included, while the Exclude Networks option is used to make exceptions.

Note: Make sure this range matches IP addresses that are considered internal from an event perspective. This range is used by a number of TASL scripts and the Stats daemon to define inbound/outbound/internal specifications for LCE events. This is different from the Directions filter on the SecurityCenter events page, which uses the logged-in user’s managed ranges to determine event direction.

Exclude Networks

Provides exceptions to the Include Networks directive ranges specified above.

Allow only TLSv1.2 Disables all SSL/TLS support prior to TLS 1.2 for all SSL interfaces for PCI DSS compliance.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.