Tenable Log Correlation Engine Clients

The default view for the Log Correlation Engine Clients page displays all of the available clients for the selected Tenable Log Correlation Engine server in the Filters section, and may be changed by updating the Log Correlation Engine Server filter. Use the other filter options, to narrow down the displayed clients for the selected server by a mix of criteria based on combinations of the displayed columns.

Current Log Correlation Engine Client versions display information in the table including their name, host address, authorization status, client type, host OS, assigned policy file, date last updated, and client version. Log Correlation Engine Client configurations can be managed from Tenable Security Center.

Tip: Configured clients prior to version 5.x appear in the list without OS and policy information. However, these clients cannot have their policy files centrally managed from Tenable Security Center.

Each client may have a name assigned to it to help easily identify the client. The currently assigned name appears in the Name column. To change the name, click on the client to edit from the list, and type the name. Client names may not contain spaces. Click the Submit button to save the change.

Log Correlation Engine Clients are initially configured to send their data to a particular Log Correlation Engine server, but must be authorized by the Log Correlation Engine sever for the server to accept the data. The client’s authorization status appears in the left-side column. If there is no icon, the client is authorized to send data to the Log Correlation Engine server. If there is a broken link icon, the client is not authorized to send data to the Log Correlation Engine server. To do this, right-click the row for the client or select the check box for the client, then click Authorize or Revoke Authorization.