Get Started with the Log Correlation Engine Web Query Client

This document describes the Log Correlation Engine Web Query Client version 4.8.x that is available for the Tenable Tenable Log Correlation Engine.

A working knowledge of Secure Shell (SSH), Tenable Log Correlation Engine (Log Correlation Engine), and Tenable Security Center operation and architecture is assumed. Familiarity with general log formats from various operating systems, network devices, and applications as well as a basic understanding of Linux/Unix is also assumed.

Overview

The Log Correlation Engine Web Query Client is used to request event data from RESTful web services. The logs returned from queries are stored and normalized in Log Correlation Engine. Finally, the information may be searched in Tenable Security Center and can be reviewed. The process to setup and configure the Log Correlation Engine Web Query Client begins with the configuration of the RESTful API instances that are to be queried.

The Log Correlation Engine Web Query Client supports:

• Amazon Web Services (AWS)
• Salesforce
• Google Cloud Platform (GCP)