Introducing enhanced security: Dark web monitoring and Endpoint Central integration
We are excited to announce the newest threat detection, investigation and response capabilities of Log360! Dark web monitoring: Continuously scan the dark web for leaked credentials and personal information associated with your organization, employees,
Mark Your Calendar: Shield 2024 IAM and Cybersecurity Seminar in on June 6th at Singapore!
Hello! We are thrilled to send you this exclusive invite to be a part of Shield 2024: An IAM and Cybersecurity seminar at Singapore on June 6th. Our senior technology evangelists will be sharing their thoughts on how you can better manage, monitor, and
Log360 SOC module
When is Manage engine Log360 launching or releasing the SOC Module?
Log360 5425 Release bundle includes a new investigation console - The Incident Workbench, and 50+ additional correlation rules.
The latest Log360 release has the following features and enhancements: The Incident Workbench - an exclusive investigation console that integrates UEBA for user analytics, process spawning analytics with tree visualization, and advanced threat analytics
Threat Maps
Is it possible for Manage engine Log360 to borrow some ideas of Threat Maps like : https://www.proprofs.com/quiz-school/quizreport.php?title=log-360-mecpp-2021n6&sid=332091374
We have exciting news to share with you! The MSSP edition of our SIEM solution, Log360 MSSP, is here.
We're thrilled to announce the launch of Log360 MSSP Edition, in our on-premise SIEM solution. In a recent study conducted by ManageEngine, it's become evident that organizations are grappling with a shortage of cybersecurity talent and budgetary constraints.
email alerts
Hello, One of my clients just recently installed Log360 with Event Log Analyzer, UEBA and AD Audit Plus. They're complaining that they're receiving too many emails from the default threath alert. How can we change it so it stops sending so many emails?
Log360 Suite - Migrating DB & ES to remote servers
I have Log360 Suite with six components (AD Audit Plus, AD Manager Plus, Data Security Plus, Log360 & Log360UEBA) on a single Windows Server 2019. Despite tune-ups and increasing resource allocation to 128GB RAM, we're experiencing performance issues.
Data Security Plus integrates with Log360
Dear All, Joining the Log360 bandwagon is DataSecurity Plus, a data visibility and security solution, capable of data discovery, file storage analysis, and Windows file server auditing. What benefits does this integration bring? Data discovery Find, analyze, and track sensitive personal data—also known as personally identifiable information (PII)—stored in files, folders, or shares. File server auditing Audit and monitor, report and alert on all file accesses and modifications made in your file server
Log360 now allows ML-based automation for alerts threshold.
Hello all, Log360 now offers an industry-first, dual-layered system for precise and accurate threat detection in Vigil IQ, its TDIR module. This is available from build 5345. The new adaptive threshold feature: Uses ML algorithms to analyze the usual
Log360 - Year in review
The year 2023 has been a remarkable one for Log360. With the introduction of a multitude of features and enhancements, Log360 has continued to evolve, making it easier for administrators to manage and secure their network infrastructure effectively. Here
Performance Suggestions
Good afternoon, I have recently began standing up my Log360 server with m365 manager plus, eventlog analyzer, Log360UEBA, Data Security Plus running off the same physical hardware. It has been up for about a week. I purchased a Dell PowerEdge R7255 with
Log360 is locking out one of our domain accounts
I can see log360 sending a bad password for a domain account it is using for authentication somewhere, but i can't find exactly where. is there a list of areas where domain credentials are configured in the product? all of them i can find are using another
Proper update procedure for Log360 and add-ons
We are using Log360 with several add-on products that were installed using the Log360-specific versions of the applications. I noticed that when attempting to install a service pack for Log360 there was a statement about updating EventLog Analyzer.
How to export raw log from log 360
Dear All I used Log360 to keep log from ASA firewall, but how to I export RAW log to excel file format Thank you for your support
Security Advisory - Log360 versions 5228 and below.
We have addressed a recently discovered authentication bypass vulnerability affecting the REST API URLs in Log360. This article provides more information on the issue and how to resolve it. What is the issue? An authentication bypass vulnerability affecting
LOG360 Services Stopped
Hi, The services of the Log360 program are constantly stopping. When the server restarts, it works for 10 - 20 seconds and then stops automatically. What is the reason of this? We are currently unable to use the program. Does anyone have a solution suggestion
Log360 On-Premises Improvements - SQL Auditing "Column Integrity Monitoring"
Hi Team, We are pleased with the SQL Auditing and everything works out of the box. Thanks, ME! One of the Customers wants to monitor a column that stores a money value for entries. Currently, the Column Integrity Monitoring report says, $20 has been changed
Log360 now allows technicians to access O365 Manager Plus!
Hello all! We are delighted to announce the release of Log360 build 5065. This latest build comes with the below enhancement: Apart form the admins, now the technicians created in EventLog Analyzer and ADAudit Plus components of Log360 can login to the
Getting Syslog Data from Palo Alto Cortex
Hello I am trying to get Palo Alto Cortex to talk to Log360 - to send syslog traffic to the server which is on my network, NATed to our firewall. The firewall does see traffic from our host on the IP addresses but Log360 does not appear to be set up to
Still seeing old Log4j files
So, I followed the directions here "Move the downloaded jar files to <Installation dir>/elasticsearch/ES/lib" https://pitstop.manageengine.com/portal/en/community/topic/log4j-cve-2021-44228-vulnerability-fix-1 My Nessus vulnerability scanner sees old
Steps to protect Log360 from Log4j Vulnerabilities
This post has been updated on 21/12/2021. Dear users, Three high severity vulnerabilities, (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105), impacting multiple versions of Apache Log4j utility, were disclosed recently. We have found no evidence
Precautionary steps to protect Log360 UEBA from Log4j vulnerabilities CVE-2021-45046, CVE-2021-44228, CVE-2021-45105, and CVE-2021-44832
In Log360 UEBA , the affected log4j version is used in the bundled dependency. Our security experts are analyzing the issue and as of now, we have no conclusive evidence of our product being affected by it. However, we strongly recommend all our customers
Apache Log4j Vulnerability (CVE-2021-44228) Fix in Log360 UEBA
The recent Apache Log4j security vulnerability (CVE-2021-44228) was publicly disclosed on December 9, 2021. It allows unauthenticated remote code execution in applications that use Apache's log4j versions above 2.0 and below 2.15.0. Log360 UEBA uses
Log360 not starting
We have purchased log360 license. The software was functioning well but suddenly it has stopped working. The details are attached
Remote Install
I'm wanting to install the Log 360 agent remotely using desktop central . Since this needs a key, is it possible to create an MST or any other way to install this agent? I have a lot of computers working remotley so using a GPO won't work.
Technician / Named user access to ADManager in Log360?
When I login with a admin or technician AD integrated user, I can get to all the modules except for ADManager. I don't see any way to give access on that module to any user but the built in Admin. Is that right or am I missing something?
Can I export raw log to excel file
Dear All I used Log360 collect log from our firewall, on web dashbord we can see top denied and allow , but I need to export raw log that have information bout source , destination , port, time . it posible to do or not, I do not see menu how to do
LOG360 UEBA disk occupation
Hello, I have done a new installation of LogAnalyzer+AdAudit+UEBA on the same server/disk. I have noticed that UEBA is occupying a lot of space, around 120GB of 200GB and has completely filled the disk. Is it possible to reduce the size of UEBA? It seems
ManageEngine named a 2020 Gartner Peer Insights Customers’ Choice for Security Information and Event Management!
ManageEngine has been recognized as a Customers’ Choice in Gartner Peer Insights Voice of the Customer for Security Information and Event Management (SIEM) for the second time. This distinction is based on 155 reviews submitted by IT security professionals who have worked hands-on with Log360. As of May 31st, 2020, Log360 secured an average overall rating of 4.5 out of 5. We take pride in building a SIEM solution that is not only easy to deploy, but also offers valuable features such as the auto-discovery
[Critical] ManageEngine Log360 - Security advisory regarding unauthenticated product integration vulnerability fix
Dear Patron, We would like to inform you that the latest version of Log360, build 5166, fixes a critical security issue. Some versions of Log360 have the unauthenticated change to integration system vulnerability, which was reported on Medium by Florian Hauser. This article explains how you can identify if your Log360 installation (including the add-ons) is affected, and fix it. It also offers the steps to protect your installation even if it is not affected. What is the issue? Log360 had a vulnerable (CVE-2020-24786) endpoint
Listen to our two-part expert podcast series featuring the Monopoly Man.
Hello, We are pleased to announce the launch of our first-ever expert tech talk podcast series featuring renowned privacy expert, Ian Madrigal. Ian, popularly knows as the Monopoly Man, and Sid, our IT security expert, together have shared detailed insights on data privacy, compliance mandates, data breaches in the episodes. Tune in now In this
A big 'Thank You'. From all of us, to all of you!
Hey folks, This Thanksgiving, we'd like to thank you all for being a part of the Log360 community and for constantly supporting and motivating us to up our game. Here's a little something to let you know how much we value you: And before you kick-start this holiday season, on behalf of the entire Log360 family, I'd like to wish you a very Happy Thanksgiving! I hope you have lots of fun! You so deserve it!
Secure your cloud with this award-winning Log360 add-on.
Hello, We're thrilled to announce that ManageEngine has been named the best cloud security vendor in the Tahawul Tech Future Security Awards held in Dubai. Our solution, Cloud Security Plus, was recognized for its comprehensive cloud security features. And here's more good news: Cloud Security Plus can easily be integrated within Log360! Go ahead and try the product for free. If you like it, you can easily add it from your central Log360 dashboard. Download a free trial of Cloud Security Plus Highlights
ManageEngine's IT Security Podcast series is here! Subscribe now.
Hello, Have you ever imagined listening to your favorite IT security expert discuss the ways you can enhance the security posture of your environment on-the go? Now you can! We're thrilled to announce the launch of our weekly podcast series where our security experts, including Derek Melber, Active Directory MVP, will present their take on a wide range of IT security topics. Subscribe now By subscribing and listening to
Port 8095 redirect to port 443
Hi I have a new Log360 installation, first everything worked fine. But when I tried to add a certificate something got broken. I change server.xml but created a copy of the file first. I forgot to enable HTTPS under Admin. After I changed back to the original server.xml I cannot access Log360 at all. When I go to http://log360.domain.com:8095 I am redirected after a second to https://log360.domain.com. https://log360.domain.com is the address to ADAudit. I get the same error on server, http://localhost:8095 redirect
Tell the world how much you love us!
Dear Log360 Patrons, Your opinion greatly matters to us, and to your peers too. We'd love to have your unbiased feedback about Log360 in one of the most renowned software review platforms, Gartner Peer Insights. Review Log360 on Gartner Peer Insights I promise that the review will take just 15 to 20 minutes of your time. We really appreciate your time and effort. What you should do? Sign up at Gartner Peer Insights. It just requires your business email and a little information about your company.
Help us understand and measure your SOC performance
What gets measured gets managed. Are you measuring your security operations center's (SOC) performance? The IT security team's performance measurement has always been subjective in the last decade. With more and more security techniques emerging, organizations come up with different metrics to measure the performance of their security operations center (SOC). But, are you measuring the output correctly? Most times, organizations measure the right parameter but in the wrong way. How do you know
[Webinar] What GDPR means to IT security admins?
Hello everyone, The biggest challenge to every IT security admin in complying with the General Data Protection Regulation (GDPR) is detection and reporting data breaches within the 72-hour deadline. As an IT security admin, you would've reworked your enterprise's security strategy to prevent data breaches. But, what if it still occurs? Do you have measures in place to instantly detect the initial signs of a data breach and stop it before it sweeps personal data? Have you deployed technical measures to
Webinar: Tackle threats using this simple three-step approach
Hey everyone, This October 16th at 2pm EDT, let's talk all about threats and threat management. Join us for our webinar, "Tackling threats: The three-step approach", and discover a simple framework you can use to deal with all threats to your network. Register now » Your network is susceptible to millions of malicious actors present around the globe. Threat feeds provide all the information you need about these threats, but how do you use this information? How can you deal with threats in an efficient
Next Page