User guide
Table of Contents
Introduction
Standards and Conventions
Log Correlation Engine Client Overview
Running LCE Clients Directly on the LCE Server
Running Multiple LCE Clients on One Host
Maximum Number of LCE Clients
LCE Client Types and Platforms
Quick Start Summary
Diagnosing Connection Problems
LCE Manager and SecurityCenter Client Management
LCE Client Manager
LCE Client Manager Interactive Mode
[g] Grant Authorization to a Client
[r] Revoke Authorization to a Client
[d] Display Clients by Policy Assignment
[p] Display Available Policies
[a] Add New Policy
[c] Copy a Policy
[m] Modify an Existing Policy
[s] Assign a Policy to a Client(s)
[v] Assign Client(s) to a New LCE Server
[i] Import a Policy File
[n] Assign a Sensor Name to Client(s)
[x] Remove a Client
[q] Exit
LCE Client Manager Command Line Options
Usage Example (Interactive Mode)
XML Policy Representation of Client Manager Parameters
LCE Conf Converter
LCE Linux and Unix-based Clients
Installing the LCE Linux and Unix-Based Clients
Installation Directories
Upgrading the LCE Clients
Removing the LCE Clients
LCE Linux and Unix-Based Client Configuration
LCE Client
Policy Parameters
Performance Reporting
LCE WMI Monitor Agent
WMI monitor LCP policy file
WMI Encrypted Credentials
Tenable NetFlow Monitor
Default Netflow Policy
Tenable NetFlow Monitor Event Types
Usage