Log360 now allows ML-based automation for alerts threshold.
Hello all, Log360 now offers an industry-first, dual-layered system for precise and accurate threat detection in build 5345. The new adaptive threshold feature: Uses ML algorithms to analyze the usual occurrence of events. Automatically determines the
[Use case] Detecting cryptocurrency wallet software
Hello all, In this series of posts, we'll share various product use cases, their importance, and how the product can be used to solve them. In this post, we look at the correlation rule to detect cryptocurrency wallet software within your organization. Rule name: Cryptocurrency wallet software started What the rule detects: This rule detects the running of several common cryptocurrency wallet software on your organization's devices. Why the rule is useful: Cryptocurrency mining and trading have become
Log360 - Year in review
The year 2023 has been a remarkable one for Log360. With the introduction of a multitude of features and enhancements, Log360 has continued to evolve, making it easier for administrators to manage and secure their network infrastructure effectively. Here
[ ManageEngine ] - Your exclusive invite to our IAM and Cybersecurity seminars in Hyderabad and Delhi
Hello, We are thrilled to send you this exclusive invite to be a part of Shield 2023: IAM and Cybersecurity seminars in Hyderabad on November 21 and Delhi on November 23. Our senior technology evangelists will be sharing their thoughts on how you can
[ManageEngine] Free online Log360 workshop series!
Hello, Have you explored all the new features of Log360? Do you feel that there is a lot more the solution can do for you? To bridge this gap, we have organized a three-part online workshop series where our product expert will take you through different
Performance Suggestions
Good afternoon, I have recently began standing up my Log360 server with m365 manager plus, eventlog analyzer, Log360UEBA, Data Security Plus running off the same physical hardware. It has been up for about a week. I purchased a Dell PowerEdge R7255 with
Log360 is locking out one of our domain accounts
I can see log360 sending a bad password for a domain account it is using for authentication somewhere, but i can't find exactly where. is there a list of areas where domain credentials are configured in the product? all of them i can find are using another
Proper update procedure for Log360 and add-ons
We are using Log360 with several add-on products that were installed using the Log360-specific versions of the applications. I noticed that when attempting to install a service pack for Log360 there was a statement about updating EventLog Analyzer.
How to export raw log from log 360
Dear All I used Log360 to keep log from ASA firewall, but how to I export RAW log to excel file format Thank you for your support
Security Advisory - Log360 versions 5228 and below.
We have addressed a recently discovered authentication bypass vulnerability affecting the REST API URLs in Log360. This article provides more information on the issue and how to resolve it. What is the issue? An authentication bypass vulnerability affecting
LOG360 Services Stopped
Hi, The services of the Log360 program are constantly stopping. When the server restarts, it works for 10 - 20 seconds and then stops automatically. What is the reason of this? We are currently unable to use the program. Does anyone have a solution suggestion
Log360 On-Premises Improvements - SQL Auditing "Column Integrity Monitoring"
Hi Team, We are pleased with the SQL Auditing and everything works out of the box. Thanks, ME! One of the Customers wants to monitor a column that stores a money value for entries. Currently, the Column Integrity Monitoring report says, $20 has been changed
Log360 now allows technicians to access O365 Manager Plus!
Hello all! We are delighted to announce the release of Log360 build 5065. This latest build comes with the below enhancement: Apart form the admins, now the technicians created in EventLog Analyzer and ADAudit Plus components of Log360 can login to the
Getting Syslog Data from Palo Alto Cortex
Hello I am trying to get Palo Alto Cortex to talk to Log360 - to send syslog traffic to the server which is on my network, NATed to our firewall. The firewall does see traffic from our host on the IP addresses but Log360 does not appear to be set up to
Still seeing old Log4j files
So, I followed the directions here "Move the downloaded jar files to <Installation dir>/elasticsearch/ES/lib" https://pitstop.manageengine.com/portal/en/community/topic/log4j-cve-2021-44228-vulnerability-fix-1 My Nessus vulnerability scanner sees old
Steps to protect Log360 from Log4j Vulnerabilities
This post has been updated on 21/12/2021. Dear users, Three high severity vulnerabilities, (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105), impacting multiple versions of Apache Log4j utility, were disclosed recently. We have found no evidence
Precautionary steps to protect Log360 UEBA from Log4j vulnerabilities CVE-2021-45046, CVE-2021-44228, CVE-2021-45105, and CVE-2021-44832
In Log360 UEBA , the affected log4j version is used in the bundled dependency. Our security experts are analyzing the issue and as of now, we have no conclusive evidence of our product being affected by it. However, we strongly recommend all our customers
Log360 not starting
We have purchased log360 license. The software was functioning well but suddenly it has stopped working. The details are attached
Remote Install
I'm wanting to install the Log 360 agent remotely using desktop central . Since this needs a key, is it possible to create an MST or any other way to install this agent? I have a lot of computers working remotley so using a GPO won't work.
Technician / Named user access to ADManager in Log360?
When I login with a admin or technician AD integrated user, I can get to all the modules except for ADManager. I don't see any way to give access on that module to any user but the built in Admin. Is that right or am I missing something?
Can I export raw log to excel file
Dear All I used Log360 collect log from our firewall, on web dashbord we can see top denied and allow , but I need to export raw log that have information bout source , destination , port, time . it posible to do or not, I do not see menu how to do
LOG360 UEBA disk occupation
Hello, I have done a new installation of LogAnalyzer+AdAudit+UEBA on the same server/disk. I have noticed that UEBA is occupying a lot of space, around 120GB of 200GB and has completely filled the disk. Is it possible to reduce the size of UEBA? It seems
ManageEngine named a 2020 Gartner Peer Insights Customers’ Choice for Security Information and Event Management!
ManageEngine has been recognized as a Customers’ Choice in Gartner Peer Insights Voice of the Customer for Security Information and Event Management (SIEM) for the second time. This distinction is based on 155 reviews submitted by IT security professionals who have worked hands-on with Log360. As of May 31st, 2020, Log360 secured an average overall rating of 4.5 out of 5. We take pride in building a SIEM solution that is not only easy to deploy, but also offers valuable features such as the auto-discovery
[Critical] ManageEngine Log360 - Security advisory regarding unauthenticated product integration vulnerability fix
Dear Patron, We would like to inform you that the latest version of Log360, build 5166, fixes a critical security issue. Some versions of Log360 have the unauthenticated change to integration system vulnerability, which was reported on Medium by Florian Hauser. This article explains how you can identify if your Log360 installation (including the add-ons) is affected, and fix it. It also offers the steps to protect your installation even if it is not affected. What is the issue? Log360 had a vulnerable (CVE-2020-24786) endpoint
Listen to our two-part expert podcast series featuring the Monopoly Man.
Hello, We are pleased to announce the launch of our first-ever expert tech talk podcast series featuring renowned privacy expert, Ian Madrigal. Ian, popularly knows as the Monopoly Man, and Sid, our IT security expert, together have shared detailed insights on data privacy, compliance mandates, data breaches in the episodes. Tune in now In this
A big 'Thank You'. From all of us, to all of you!
Hey folks, This Thanksgiving, we'd like to thank you all for being a part of the Log360 community and for constantly supporting and motivating us to up our game. Here's a little something to let you know how much we value you: And before you kick-start this holiday season, on behalf of the entire Log360 family, I'd like to wish you a very Happy Thanksgiving! I hope you have lots of fun! You so deserve it!
Secure your cloud with this award-winning Log360 add-on.
Hello, We're thrilled to announce that ManageEngine has been named the best cloud security vendor in the Tahawul Tech Future Security Awards held in Dubai. Our solution, Cloud Security Plus, was recognized for its comprehensive cloud security features. And here's more good news: Cloud Security Plus can easily be integrated within Log360! Go ahead and try the product for free. If you like it, you can easily add it from your central Log360 dashboard. Download a free trial of Cloud Security Plus Highlights
ManageEngine's IT Security Podcast series is here! Subscribe now.
Hello, Have you ever imagined listening to your favorite IT security expert discuss the ways you can enhance the security posture of your environment on-the go? Now you can! We're thrilled to announce the launch of our weekly podcast series where our security experts, including Derek Melber, Active Directory MVP, will present their take on a wide range of IT security topics. Subscribe now By subscribing and listening to
Port 8095 redirect to port 443
Hi I have a new Log360 installation, first everything worked fine. But when I tried to add a certificate something got broken. I change server.xml but created a copy of the file first. I forgot to enable HTTPS under Admin. After I changed back to the original server.xml I cannot access Log360 at all. When I go to http://log360.domain.com:8095 I am redirected after a second to https://log360.domain.com. https://log360.domain.com is the address to ADAudit. I get the same error on server, http://localhost:8095 redirect
Tell the world how much you love us!
Dear Log360 Patrons, Your opinion greatly matters to us, and to your peers too. We'd love to have your unbiased feedback about Log360 in one of the most renowned software review platforms, Gartner Peer Insights. Review Log360 on Gartner Peer Insights I promise that the review will take just 15 to 20 minutes of your time. We really appreciate your time and effort. What you should do? Sign up at Gartner Peer Insights. It just requires your business email and a little information about your company.
Help us understand and measure your SOC performance
What gets measured gets managed. Are you measuring your security operations center's (SOC) performance? The IT security team's performance measurement has always been subjective in the last decade. With more and more security techniques emerging, organizations come up with different metrics to measure the performance of their security operations center (SOC). But, are you measuring the output correctly? Most times, organizations measure the right parameter but in the wrong way. How do you know
Data Security Plus integrates with Log360
Dear All, Joining the Log360 bandwagon is DataSecurity Plus, a data visibility and security solution, capable of data discovery, file storage analysis, and Windows file server auditing. What benefits does this integration bring? Data discovery Find, analyze, and track sensitive personal data—also known as personally identifiable information (PII)—stored in files, folders, or shares. File server auditing Audit and monitor, report and alert on all file accesses and modifications made in your file server
[Webinar] What GDPR means to IT security admins?
Hello everyone, The biggest challenge to every IT security admin in complying with the General Data Protection Regulation (GDPR) is detection and reporting data breaches within the 72-hour deadline. As an IT security admin, you would've reworked your enterprise's security strategy to prevent data breaches. But, what if it still occurs? Do you have measures in place to instantly detect the initial signs of a data breach and stop it before it sweeps personal data? Have you deployed technical measures to
Webinar: Tackle threats using this simple three-step approach
Hey everyone, This October 16th at 2pm EDT, let's talk all about threats and threat management. Join us for our webinar, "Tackling threats: The three-step approach", and discover a simple framework you can use to deal with all threats to your network. Register now » Your network is susceptible to millions of malicious actors present around the globe. Threat feeds provide all the information you need about these threats, but how do you use this information? How can you deal with threats in an efficient
TWTQ: Create a session activity rule
Hey everyone, Here's This Week's Top Question (TWTQ): Q: What are activity rules? How do I create them? A: Log360 allows you to perform in-depth user activity auditing, and track user sessions from start to close. Log360's session activity reports tell you which user started sessions on which device, when these sessions were started and ended, and the status and duration of each session. It also gives you minute details of their activity during each session in timeline form. Normally, a session
TWTQ: Session activity reports
Hey everyone, Here's This Week's Top Question (TWTQ): Q: What are session activity reports? How do I view them? A: Log360 helps you audit network activity with hundreds of reports based on the type of events found in your network logs. It also goes one step further by providing you with session activity reports. These reports help you track entire user sessions from start to close, including details of their activity during the session. You can access them by going to the Correlation tab, and selecting
Free training and certification: Learn about our latest SIEM features
Hey everyone, The latest round of our online training and certification program for Log360 is here, and it starts on August 28. Register now » What do I get by attending this program? Understand how to gain valuable insights into network and user activity. Learn about network security and auditing with practical use cases. Get expert tips and tricks on making your SIEM deployment efficient. Earn a Log360 training completion certificate absolutely free, by answering some simple questions at the end
TWTQ: The latest correlation rule builder
Hey all! Here's This Week's Top Question (TWTQ): Q: How do I create rules using the correlation rule builder? A: We are constantly updating Log360's correlation module by adding new rules or features which make it easier to use. In build 11134 of the EventLog Analyzer component of Log360 (released in May), the correlation rule builder has gotten a revamped interface, which makes it even more user-friendly. First, a quick refresher on what a correlation rule is: A correlation rule is simply a pattern
TWTQ: Enabling advanced auditing reports
Hey everyone! Here's This Week's Top Question: Q: How do I enable advanced auditing reports for my SQL Server? A: Log360 generates a wide variety of reports that help audit your SQL Servers. There is also an additional set of advanced auditing reports you can get, if you choose to enable them. These reports help any database administrator take their auditing game to the next level, by providing granular details regarding your database activity. These reports include details about users' last login
TWTQ: Tracking data values in confidential data modifications
Hey everyone, Here's This Week's Top Question (TWTQ): Q: What is column integrity monitoring? What information does it give me? A: Log360 doesn't just give you exhaustive database audit reports - it can even tell you the actual values of data which have been modified. Any database administrator knows the value of preserving data integrity in their databases. When critical data is modified, it could negatively impact your business processes. For instance, a small change to your confidential sales
Next Page