Installation guide

Table 9 – LCE Options

Option

Description

Name

Name used to describe the Log Correlation Engine.

Description

Descriptive text for the Log Correlation Engine.

IP address of the Log Correlation Engine.

Organizations

Determines which Organizations will be able to access data from the configured Log

Correlation Engine.

Import Vulns

When enabled, allows Event vulnerability data to be retrieved from the configured LCE

4.2 server.

Repositories

Select the appropriate SecurityCenter repository(ies) to store the imported LCE data.

Vulnerability Log Host

Configures the Host, Port, Username, and Password settings to retrieve Event

vulnerability reports. The Host setting is populated by default with the same IP

address as the LCE IP setting. It may be adjusted manually as needed.

If using the Event vulnerability logs feature on an LCE server and a PVS

server on the same host IP, ensure that the PVS-proxy port and Event

vulnerability log host reporter-port are configured for different ports.

Log Correlation Engine Clients

Beginning in LCE 4.0, the LCE server has the ability to manage configuration files for LCE 4.x clients remotely from the

command line. SecurityCenter 4.6 introduces the ability to manage the configuration files for LCE 4.x clients via a

graphical interface.

The default view for the LCE Clients page displays all of the available clients for the selected LCE server in the “Filters”

section, and may be changed using the drop-down box. Using the “Type”, “OS”, and “Policy” filters, the displayed clients

may be narrowed down by a mix of criteria based on the client type, host OS, and assigned client policy file.

LCE Client versions 4.0 and higher display information in the table including their host address, authorization status, client

type, host OS, assigned policy file, and client version. These clients may all have their configuration files managed from

SecurityCenter.