Automatically Authorize Tenable Log Correlation Engine Clients

In order for an Tenable Log Correlation Engine client to communicate with a Tenable Log Correlation Engine server, it must first be authorized. Client assignment rules can be used to automatically authorize clients.

To auto authorize a Tenable Log Correlation Engine to communicate with a Tenable Log Correlation Engine server:

1. Log in to Log Correlation Engine via the user interface.

2. In the top navigation bar, click Configuration.

   The System Configuration page appears, displaying basic configuration settings.

3. In the left side navigation bar, click Advanced.
   The Advanced configuration section appears, displaying options used to fine tune your Tenable Log Correlation Engine server configuration.

4. Scroll down to the Clients section, and check the Auto Authorize checkbox.

5. Enter a network range in the Client Network field using CIDR notation.

6. In the LCE IP:port field, enter the Tenable Log Correlation Engine server IP address and port that you want the clients to communicate with.

7. Click the Add New Client Rule button.
   The policies text box appears.

8. In the text box, specify the filenames of the policies that you want applied to clients that fall in the range defined by the rule.

   Note: Polices are matched by operating system. If there are multiple policies for a particular operating system, the first applicable policy that is specified for that operating system will be assigned. If none of the specified policies are applicable to a client in the network, the default policy for that operating system will be used.

9. Scroll to the bottom of the page and click the Update button.

   Log Correlation Engine saves your configuration.

   Tip: Install the Tenable Log Correlation Engine client on your target hosts if you haven't already.