Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Delivers LCE 5.0.0

Tenable is pleased to announce a major update to the Log Correlation Engine® (LCE®), making it easier to scale horizontally to meet growing organizational demands on performance and redundancy. Additionally, LCE 5.0.0 greatly expands language support for log data. This release will be available on January 30th, 2017.

Scalability and language support with Elasticsearch integration

The biggest update to the Log Correlation Engine in version 5.0.0 is the replacement of our proprietary database format with Elasticsearch. Elasticsearch is a document-store database that wraps Apache Lucene, providing horizontal scaling, built-in indexing, a REST API, and a comprehensive query language. Users unfamiliar with Elasticsearch need not worry - LCE handles setup, schema, and disk usage. Users familiar with Elasticsearch will immediately see the benefits:

  • Horizontal scalability for additional performance and redundancy
  • Integration with other Elasticsearch utilities such as Kibana for faster or more familiar log search, visualizations, and dashboards
  • Language support for Chinese, Japanese, Korean and other characters for storage, index, and query of log data

Kibana screen shot

LCE language support screen shot

Custom actions and real-time alerting with the Event Rule Editor

The Event Rules are one of the most powerful features in LCE, giving users the ability to take action and trigger alerts in real time. LCE 5.0.0 now makes the Event Rules much easier to create and maintain. The new editor in the UI guides users through all of the possible filters and actions available.

Creating an event rule

Enhanced language support with Windows Agent 5.0.0

Tenable will also introduce the LCE 5.0.0 Windows Agent, to coincide with the LCE 5.0.0 Server. The new agent adds the ability to monitor text files and NT event logs with Unicode log data, allowing users to send non-English logs from the LCE agent to the LCE server intact.

This update also greatly eases installation and configuration overhead for administrators by removing some installation requirements and adding full support for DHCP.

For users who need to pare down the data they send from the agent to the server, we’ve also added native NT event log filtering; just specify the event source and event ID to ignore in the agent policy, and you’ll save network bandwidth and CPU while reducing unnecessary log data in the LCE Server.

Improved agent policy management

Policy management gets faster and easier with LCE 5.0.0. Power users who create their own custom policies can now quickly see only those custom policies with the Hide Default button.

Some aesthetic updates were also made to the Policy screen - all of the actions are now exposed by clicking the Modify icon to the right of the policy name. The layout was also modified to ensure constant height rows for easier readability.

Policy Management in LCE

Downloading LCE

You can download LCE 5.0.0 and the LCE Windows Agent 5.0.0 from the Tenable Support Portal on January 30, 2017.

 

Elasticsearch is a trademark of Elasticsearch BV.
Apache, and Apache Lucene are trademarks of the Apache Software Foundation.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security