Help Document

Starting Log360 Cloud

You can either configure an On-premise agent or a Cloud Account to get started.

This page describes the various steps involved in configuring an on-premise agent or a cloud agent.

  1. Configure an agent
  2. Configure a cloud account

Configure Log360 Cloud Agent

Starting Log360 Cloud

To sync Log360 Cloud with the Log360 Cloud Agent, you will have to obtain the security access key of Log360 Cloud and enter it in the Log360 Cloud Agent installation.

To obtain the security access key of Log360 Cloud, follow the steps given below.

  • Open Log360 Cloud and select the Settings tab.
  • Then navigate to Log360Cloud Agent under Admin Settings.
  • The access key will be available in Step 3 of the page.

Security Access Key

To enter the access key in the Log360 Agent console, follow the steps given below.

  • If you have not downloaded the Log360 Cloud Agent already, click here.
  • Run the Log360CloudAgent.msi file. An installation wizard will begin.
  • Log360 Cloud Security Access Key

  • Follow the steps given in the installation wizard to start the installation.
  • On starting the installation, you will be prompted for an Access Key. Enter the access key that was obtained from Log360 Cloud and click OK.
  • Security Access Key

  • Now the installation will be completed.

On completing installation, data synchronization will begin and Log360 Cloud Agent will start pushing logs to the cloud.

Configure advanced threat analytics

Please follow the steps given below to enable threat feeds from your local EventLog Analyzer installation.

  • Download and install the EventLog Analyzer agent.
  • Login to Log360 Cloud and navigate to Settings → Admin Settings → Agent Configuration. Copy the access key given in the page.
  • Security Access Key

  • Open EventLog Analyzer and navigate to Settings → Configuration → Threat Management. Click on the Advanced Threat Analytics tab and click on the icon-edit icon next to the Access Key field. Enter the access key copied from the previous step and click on Update Key.
  • Log360 Cloud Security Access Key

  • Now the threat feeds have been enabled.

Configure Log360 Cloud Account

Click on Configure Cloud Account under Cloud Source Configuration.

Starting Log360 Cloud

The following page will appear.

Starting Log360 Cloud

Enter the following details:

  • In the Select Cloud Type field, select the cloud type from the drop-down list.
  • In the Display Name field, enter the name.
  • Enter the Access Key ID and Secret Access Key.
  • Note:

    To get the access key ID and secret access key

    • Login to your AWS Console.
    • Create an IAM User.
    • Grant programmatic access to the IAM user.
    • Create a policy for the IAM user by copying the policy document.
    • Enter the generated access key ID and secret access key in the above fields.
  • Create/Connect to existing cloudtrail.
  • Click on Save.