Starting Log360 Cloud

You can either configure an On-premise agent or a Cloud Account to get started.

This page describes the various steps involved in configuring an on-premise agent or a cloud agent.

1. Configure an agent
2. Configure advanced threat analytics
3. Configure Log360 Cloud Account

Configure Log360 Cloud Agent

1.1 Download agent

• Click the Download Agent button to download the agent.



• Run the downloaded Log360CloudAgent.exe file and complete the installation process.
• Once the agent installation is completed, it will be automatically identified. However, the agent will not communicate with Log360 Cloud until it is approved.

1.2 Approving the agent

Downloaded agents can be approved once they are identified.

• For a single agent:
  • Approve directly from the Log360Cloud setup page using the Approve button.

  

  • Once the agent is approved, it will take some time for the agent to synchronize with Log360 Cloud account.

  

• For multiple agents:
  • Agents will be listed in the Pending Agent Registrations table. Click Show to view this table.
  • Select agents in bulk or filter them to complete approval.

  

  • If approved agents fail to communicate with Log360Cloud, the status will change to Sync failed. To resolve this issue, follow the troubleshooting steps to re-establish communication.
  • Agents will be automatically uninstalled from machines that are rejected

  Note: When multiple agents are installed, the Log360 Cloud redirects to the home page upon approval of at least one agent. The status of other unapproved agents can be viewed under Manage Agents.

On completing installation, data synchronization will begin and Log360 Cloud Agent will start pushing logs to the cloud.

Configure Log360 Cloud Agent without GUI

Note: For operating systems without a graphical user interface, like the Windows Server Core, you can perform silent installation of the agent using the following steps:

• Download Log360CloudAgent.exe from Log360Cloud and place it in your preferred folder.
• Open a command prompt window and navigate to the folder where the agent was downloaded.
• Enter the following command to initiate the silent installation:

Configure advanced threat analytics

• Login to Log360 Cloud and navigate to Settings → Admin Settings → Threat Management.
• Enable the Default Threat Server and Advanced Threat Analytics options.
• Now the threat feeds have been enabled.

Configure Log360 Cloud Account

Click on Configure Cloud Account under Cloud Source Configuration.

The following page will appear.

Enter the following details:

• In the Select Cloud Type field, select the cloud type from the drop-down list.
• In the Display Name field, enter the name.
• Enter the Access Key ID and Secret Access Key.

Note:

To get the access key ID and secret access key

• Login to your AWS Console.
• Create an IAM User.
• Grant programmatic access to the IAM user.
• Create a policy for the IAM user by copying the policy document.
• Enter the generated access key ID and secret access key in the above fields.
• Create/Connect to existing cloudtrail.
• Click on Save.