LogRhythm combines SIEM, user and entity behavior analytics, network traffic and behavior analytics, and security automation and orchestration.
- LogRhythm Domain (required) - The hostname of the LogRhythm server.
  - The LogRhythm Domain should be structured as "host.domain.com:port".
- API Token (required) - API Token generated to use the LogRhythm API. See the section below for details.
- Verify SSL (required, default: False) - Verify the SSL certificate offered by the host supplied in LogRhythm Domain. For more details, see SSL Trust & CA Settings.
  - If enabled, the SSL certificate offered by the host will be verified against the CA database inside of Axonius. If it fails validation, the connection will fail with an error.
  - If disabled, the SSL certificate offered by the host will not be verified against the CA database inside of Axonius.
- HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to LogRhythm Domain.
  - If supplied, Axonius will utilize the proxy when connecting to the host defined for this connection.
  - If not supplied, Axonius will connect directly to the host defined for this connection.
For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Port 8501 must be accessible for Axonius to communicate with the API in LogRhythm Domain.
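The sketch below is an added example, not Axonius or LogRhythm code: a pre-flight check that validates the "host.domain.com:port" format, confirms the port is reachable, and shows what the Verify SSL setting changes in the TLS handshake. The function names, the `ca_file` parameter and the hostname `logrhythm.example.com` are assumptions made for illustration.

```python
import socket
import ssl

API_PORT = 8501  # port the page says Axonius must be able to reach


def parse_domain(value):
    """Split a 'host.domain.com:port' string into (host, port)."""
    value = value.strip()
    if "/" in value:
        raise ValueError("expected host:port, not a URL")
    host, sep, port = value.rpartition(":")
    if not sep or not host:
        raise ValueError("missing host or ':port' suffix")
    if not (port.isascii() and port.isdigit()) or not 1 <= int(port) <= 65535:
        raise ValueError("port must be an integer in 1-65535")
    return host, int(port)


def build_context(verify_ssl, ca_file=None):
    """TLS context equivalent to the Verify SSL setting (ca_file is hypothetical)."""
    ctx = ssl.create_default_context(cafile=ca_file)
    if not verify_ssl:
        # Verify SSL disabled: the server certificate is accepted unchecked,
        # so the endpoint receiving the API token is not authenticated.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def preflight(domain, verify_ssl=True, ca_file=None, timeout=5.0):
    """Report reachability and TLS validation for a LogRhythm Domain value."""
    host, port = parse_domain(domain)
    result = {"host": host, "port": port, "documented_port": port == API_PORT,
              "reachable": False, "tls_ok": False, "error": None}
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            result["reachable"] = True
            ctx = build_context(verify_ssl, ca_file)
            with ctx.wrap_socket(raw, server_hostname=host):
                result["tls_ok"] = True
    except ssl.SSLError as exc:   # includes certificate verification failures
        result["error"] = f"TLS: {exc}"
    except OSError as exc:        # DNS failure, refused connection, timeout
        result["error"] = f"network: {exc}"
    return result


if __name__ == "__main__":
    # Constructed hostname; replace with the real LogRhythm Domain value.
    print(preflight("logrhythm.example.com:8501", verify_ssl=True))
```

A result with `reachable` true and a `TLS:` error means the port is open but the certificate does not validate against the CA store in use, which is the failure the enabled Verify SSL setting reports.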
Generating API Token for LogRhythm API
- Open the LogRhythm client console.
- Select the Deployment Manager.
- Select the Third Party Applications tab, the last tab in the row.
- Create a new third-party application. To do this:
  - Click the green plus sign in the client console toolbar. This will bring up the Third Party Application Properties box.
  - In this box, type in the name and description for your application.
  - Click Apply to generate the token. This will force a quick restart of the authentication server to set up and validate the token.
  - After a few moments, the client ID and client secret will appear.
- Adjust the expiry date as desired to make the token last longer or expire faster. By default, the token expires after 365 days (one year).
- Click Generate Token to create an API token.
- Enter the user name and password of the LogRhythm account that the token should connect with.
- Copy and paste the token into a text file that can be referenced from the PowerShell script.