Recently Viewed Topics
Welcome to Log Correlation Engine
Last updated: November 30, 2018
This document describes the installation, configuration, and administration of the Tenable Log Correlation EngineĀ® (LCEĀ®) 5.1 for use as a part of SecurityCenter Continuous View.
LCE is used with SecurityCenter, which is installed separately. This documentation assumes that you already have an operational instance of SecurityCenter. Knowledge of SecurityCenter operation and architecture is also assumed, along with a familiarity with system log formats from various operating systems, network devices, and applications and a basic understanding of Linux and Unix command line syntax.
In addition to the LCE server and its interface, Tenable, Inc. provides the following clients:
- LCE Client
- OPSEC Client
- Splunk Client
- Tenable NetFlow Monitor
- Tenable Network Monitor
- Tenable RDEP Monitor
- Tenable SDEE Monitor
- Web Query Client
- WMI Monitor Client
Note: While you may still manage clients and policies using an account with Administrator privileges in SecurityCenter, LCE (versions 4.8 and later) is now the preferred method as it provides additional validation to client management and policy modification. Additionally, organizations with a centralized instance of SecurityCenter can better delegate the administration of LCE by utilizing the new features, rather than channeling all LCE administration through SecurityCenter users with the necessary privileges.
Concerns, questions, and comments can be emailed to support@tenable.com.