TOC & Recently Viewed

Recently Viewed Topics

Log Correlation Engine 3.4.1 Release Notes

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 3.4.1, including significant enhancements that have been made, as well as notes for upgrading.

Upgrade Notes

  • As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
  • LCE version 3.4.1 is a required upgrade for SecurityCenter 4.
  • LCE version 3.4.1 is compatible with Security Center version 3.4.5 or later. Older versions of Security Center may work with LCE 3.4.1 without issues, but will not support many of the new features. Please contact Tenable Support at if you have any questions about compatibility issues.
  • Detailed instructions and notes on upgrading are located in the Log Correlation Engine 3.4 Administration and User Guide.

Application Notes

LCE IDS Correlation

  • LCE receives vulnerability information and IDS correlation signature updates from SecurityCenter 4 so that it can correlate intrusion detection events with vulnerabilities. Correlation is enabled on a per Repository basis within SecurityCenter 4. To enable, login to SecurityCenter 4 as admin, edit a Repository and select the desired LCE(s) in the .LCE Correlation. field. Both the normalized event name and the originating raw IDS event name are available within the SecurityCenter 4 GUI. When browsing events use the .Target IDS Events. filter to display the Correlated IDS events. A sample screenshot can be viewed here.
  • As of 3.4.0, LCE is capable of managing IDS events from various sources. This functionality is based on what was available in Security Center 3.x. LCE can accept events from IDS devices via syslog and/or SNMP traps. To differentiate between IDS events and ordinary logs in Security Center queries, a new "event2" field has been added to the LCE database schema. The LCE supports the following types of IDS sources:
    • Snort
    • Bro
    • RealSecure
    • Dragon
    • IntruVert
    • IntruShield
    • NetScreen
    • NFR
    • Fortinet
    • PVS
    • LCE
    • Cisco
    • TippingPoint-Sensor
    • TippingPoint-SMS

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.