Manualshelf

Installation guide

ManualsBrandsAbit ManualsComputer equipmentLicense Scanner
31323334353637383940
35
Log Correlation Engines
Tenable’s Log Correlation Engine (LCE) is a software module that aggregates, normalizes, correlates, and analyzes event
log data from the myriad of devices within the infrastructure. LCE 4.2 also has the ability to analyze logs for vulnerabilities
and allows SecurityCenter to retrieve the data. Since LCE is closely integrated with SecurityCenter, log analysis and
vulnerability management can be centralized for a complete view of an organization’s security posture.
SecurityCenter performs vulnerability, compliance, and event management, but does not directly receive logs or IDS/IPS
events. Combining the LCE with SecurityCenter does all of this by processing the events with the LCE and then passing
them on to SecurityCenter. Once transferred to SecurityCenter, the logs are aggregated further and made available for
analysis and reporting.
LCE version 4.2 is required for complete compatibility. Using a mixture of LCE 3.x and 4.x will result in most of
the newer features in version 4.x to be unused.
More than one Log Correlation Engine can be configured to work with SecurityCenter.