TOC & Recently Viewed

Recently Viewed Topics

Log Correlation Engine Clients

The LCE server manages configuration files for LCE 5.x clients remotely from the command line. SecurityCenter manages the configuration files for LCE 5.x clients via a graphical interface.

The default view for the LCE Clients page displays all of the available clients for the selected LCE server in the Filters section, and may be changed by updating the LCE Server filter. Use the other filter options, to narrow down the displayed clients for the selected server by a mix of criteria based on combinations of the displayed columns.

Current LCE Client versions display information in the table including their name, host address, authorization status, client type, host OS, assigned policy file, date last updated, and client version. LCE Client configurations can be managed from SecurityCenter.

Tip: Configured clients prior to version 5.x appear in the list without OS and policy information. However, these clients cannot have their policy files centrally managed from SecurityCenter.

Each client may have a name assigned to it to help easily identify the client. The currently assigned name appears in the Name column. To change the name, click on the client to edit from the list, and type the name. Client names may not contain spaces. Click the Submit button to save the change.

LCE Clients are initially configured to send their data to a particular LCE server, but must be authorized by the LCE sever for the server to accept the data. The client’s authorization status appears in the left-side column. If there is no icon, the client is authorized to send data to the LCE server. If there is a broken link icon, the client is not authorized to send data to the LCE server. Toggle this by selecting the gear icon for the client and clicking either the Authorize or Revoke Authorization from the list as appropriate.

Each client must have a policy assigned to it that specifies the appropriate data to send. The currently assigned policy appears in the Policy column. To change the assigned policy, select the client to edit and click the appropriate policy from the drop-down box. Search client policies by name by entering text into the Policy box. Click the Submit button to save the change. The policy updates on the client on its next connection.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.