This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Integration with SIEM

JohnHipperson
Engaged Sweeper

‎05-23-2018 09:07 AM

We are currently implementing LogRhythm as our SIEM tool. Information gathered by LANSweeper (both metadata from LS itself and inventory data from scanned assets) would be of use in this environment.

Does anyone have any experience of integrating LS with a SIEM tool? Are there any obvious log sources we could tap into?

Grateful for anyone's thoughts.
Labels:
0 Kudos
1 REPLY 1
Esben_D
Lansweeper Employee
Lansweeper Employee

‎05-24-2018 09:32 AM

I'm not familiar with LogRhythm, but as far as logs go, Lansweeper will scan the Windows logs of computer's event log. By default only error events will be scanned, however you can also scan non-error events. If need be, you can also use the eventlog only scanning target to frequently rescan the eventlog of computers: https://www.lansweeper.com/kb/127/scanning-with-scheduled-eventlog-scanning.html

How to scan non-error events: https://www.lansweeper.com/kb/128/scanning-non-error-events.html

0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now