Add Tenable Log Correlation Engine to Tenable Security Center
To add your Tenable Log Correlation Engine server to Tenable Security Center, see Add a Tenable Log Correlation Engine Server in the Tenable Security Center User Guide.
Option | Description |
---|---|
Name |
The unique name that this Tenable Log Correlation Engine server will be known as. |
Description |
Descriptive text for the Tenable Log Correlation Engine server. |
Host |
The IP address of the Tenable Log Correlation Engine server. Note: When the Tenable Security Center resides on the same host as the Tenable Log Correlation Engine server, it is recommended to use the localhost IP address of 127.0.0.1. |
Organizations |
Select the customer that this Tenable Log Correlation Engine is assigned to from the drop down menu. |
Event Vulnerability Data |
|
Import Vulnerabilities |
Selecting this box will allow you to configure your Tenable Log Correlation Engine use Event data to detect vulnerabilities. |
Repositories |
This will allow you to select which repository you would like to keep the vulnerability data collected from Tenable Log Correlation Engine events. |
Event Vulnerability Host |
|
Port |
This allows you to configure the port used for communication between Tenable Security Center and Tenable Log Correlation Engine. The default port is 1243. In the Tenable Log Correlation Engine interface this is known as the Reporter Port. |
Username |
This is the Reporter Username that was set in the Tenable Log Correlation Engine interface under the Configuration, Advanced, Host Discovery and Vulnerabilities section. |
Password |
This is known as the Reporter Password which is found in the Configuration, Advanced, Host Discovery and Vulnerabilities section. |
After clicking on Submit, the Tenable Log Correlation Engine admin credentials (“root” user or equivalent) are requested to establish an authenticated session between Tenable Security Center and Tenable Log Correlation Engine. After the Tenable Log Correlation Engine server is successfully added, highlight the new Tenable Log Correlation Engine server to display options pertinent to that server.
Note: If you are using DNS in your environment, make sure it is configured for reverse DNS resolution to facilitate query speeds. If you are not using DNS, modify the /etc/hosts file to include your Tenable Security Center IP address and hostname. For example: 192.0.2.22 SecurityCenter4.example.com SecurityCenter4