
LogRhythm SIEM Components and Data Pathways

Uploaded by

Yazid UTD

SIEM Cheat Sheet

To learn more, visit the course Intro to LogRhythm: What is a SIEM? on LogRhythm University.

Diagram description:

SIEM Function: LogRhythm Tools and Process Description

Data Collection: Log Sources send raw logs to the System Monitor Agent, SysMon. SysMon sends the raw logs to the Data Processor.

Parsing & Data Normalization: The Data Processor sends:
- single-log event data to the Platform Manager
- metadata to the Advanced Intelligence Engine, AI Engine
- metadata and raw logs to the Data Indexer
- raw logs to the Archives

Event Correlation: The AI Engine sends AI Engine event data to the Platform Manager.

Alarming: The Platform Manager sends alarms and events to the Web Console.

Reporting: Reports can be generated from the Web Console.

Forensic Investigation: The Web Console can be used to view data stored in the Data Indexer.

This document is Proprietary and Confidential Information of LogRhythm, Inc. and may not be copied or distributed without LogRhythm's prior written consent.
