Recently Viewed Topics
Welcome to Log Correlation Engine
Last updated: November 29, 2018
This document describes the installation, configuration, and administration of the Tenable Log Correlation Engine® (LCE®) (Undefined variable: LCE.AdminUserVersion) for use as a part of SecurityCenter Continuous View.
LCE is used with SecurityCenter, which is installed separately. This documentation assumes that you already have an operational instance of SecurityCenter. Knowledge of SecurityCenter operation and architecture is also assumed, along with a familiarity with system log formats from various operating systems, network devices, and applications and a basic understanding of Linux and Unix command line syntax.
- LCE Client
- OPSEC Client
- (Undefined variable: LCE.SplunkClient)
- Tenable NetFlow Monitor
- Tenable Network Monitor
- Tenable RDEP Monitor
- Tenable SDEE Monitor
- (Undefined variable: LCE.WebQueryClient)
- WMI Monitor Client
Note: While you may still manage clients and policies using an account with Administrator privileges in SecurityCenter, LCE (versions 4.8 and later) is now the preferred method as it provides additional validation to client management and policy modification. Additionally, organizations with a centralized instance of SecurityCenter can better delegate the administration of LCE by utilizing the new features, rather than channeling all LCE administration through SecurityCenter users with the necessary privileges.
Concerns, questions, and comments can be emailed to firstname.lastname@example.org.