
Log360

Strengthen security and auditing by integrating ADManager Plus with Log360

Log forwarding User Activity Monitoring

Log360 is an all-inclusive SIEM solution that offers log and incident management features, collecting and analyzing logs to provide insights into network security events. Integrating Log360 with ADManager Plus strengthens security while simplifying user account management across AD, Exchange, and Microsoft 365. With this integration, organizations can forward management logs from ADManager Plus to Log360 efficiently, fulfill audit requirements, and ensure compliance with various IT regulations.

 

Real-time alerts and automated responses

Establishes real-time alerts for specific Active Directory events to ensure quick notifications and responses to security incidents.

 

Enhanced security monitoring

Improves security by correlating the activities of admins and technicians using ADManager Plus with Log360 to strengthen the detection and analysis of security threats.

 

Audit trails and forensic analysis

Enables organizations to maintain detailed audit trails, which is essential for forensic analysis during security incidents.

 

Steps to integrate Log360 with ADManager Plus

Note: For security reasons, only ADManager Plus' built-in administrator can enable this integration with Log360.
  • Log in to ADManager Plus and navigate to the Admin tab.
  • Under System Settings, click Integrations.
  • Under Log Forwarding, click Log360.
  • Toggle the Enable Log360 Integration option on to enable the integration and configure the following:
    • SOAR Workflow: Enable the "Allow Log360 SIEM, to execute AD management actions" option to allow Log360 to trigger AD management actions in ADManager Plus as part of automated threat remediation workflows using its SOAR module. When enabled, Log360 can respond to detected threats by executing actions such as disabling users, resetting passwords, or modifying group memberships directly through ADManager Plus. Note: This option should be enabled only if you want Log360 to perform automated remediation actions using ADManager Plus.
    • Log Forwarding: To enable log forwarding, select the Enable Log Forwarding checkbox. After enabling it, configure the following log forwarding settings:
      • Server Name: Enter the name of the machine where EventLog Analyzer is installed.
      • Port Number: Enter the port number where the EventLog Analyzer service is running.
      • Protocol Settings: Select the protocol to be used for connecting to the EventLog Analyzer server.
      • Authentication: Enable this option to provide authenticated access to the server when EventLog Analyzer is installed on a remote machine, then enter the Super Admin's credentials in the Username and Password fields.
      • Log Type: Select the type of log that you would like to forward to EventLog Analyzer: Access Log, Debug Log, or User activity Log.
        • Access Log: Select this log type if you would like to forward ADManager Plus' web server access logs.
        • Debug Log: Select this log type if you would like to forward event logs related to startups and logins.
        • User activity Log: Select this log type if you would like to forward logs of actions performed by technicians in ADManager Plus.
      • Configure Syslog Port Manually: Enable this option to manually configure the syslog port. Note: By default, this option is unchecked, and the port details will be automatically populated from EventLog Analyzer.
      • Syslog Protocol: Select the protocol that must be used to forward the logs.
      • Syslog Port: Enter the port to which logs must be forwarded.
  • Click Test Connection and Save to establish a connection and save the settings.