{ "name": "logrhythm", "description": "LogRhythm delivers in-depth endpoint visibility, automated threat hunting and breach response across the entire enterprise. LogRhythm enhances investigator productivity with extensive rules and user behavior analytics that brings the skills and best practices of the most experienced security analysts to any organization, resulting in significantly lower costs. This connector supports the investigation actions like Get Alarm, Update Alarm etc on LogRhythm SIEM.", "version": "3.0.1", "buildNumber": 7230, "tags": null, "publishedDate": 1663233102, "lastUpdated": 1711141229, "type": "connector", "label": "LogRhythm", "availableVersions": [ "1.0.0", "2.0.0", "2.1.0", "3.0.0", "3.0.1", "3.1.0" ], "scm": { "forks": 0, "watchers": 0, "stars": 0, "type": "private", "url": "https://gitlab-van.corp.fortinet.com/fortisoar/connectors-group/connector-logrhythm" }, "infoPath": "/content-hub/logrhythm-3.0.1/7230", "publisher": "Community", "certified": false, "category": "Analytics and SIEM", "iconLarge": "/content-hub/logrhythm-3.0.1/7230/images/large.png", "operations": [ { "description": "Retrieves a list of all alarms or a filtered list of alarms from the LogRhythm server, based on the input parameters you have specified. ", "title": "Search Alarm", "operation": "list_alarm", "visible": true }, { "description": "Retrieves the details of a specific alarm from the LogRhythm server, based on the alarm ID you have specified. \nNote: This operation uses LogRhythm's Alarm API to retrieve details of the alarm. ", "title": "Get Alarm Details", "operation": "get_alarm_details_ex", "visible": true }, { "description": "Retrieves the events associated with a specific alarm from the LogRhythm server, based on the alarm ID you have specified. \nNote: This operation uses LogRhythm's Alarm API to retrieve events of the alarm. ", "title": "Get Alarm Events", "operation": "get_alarm_events_ex", "visible": true }, { "description": "Retrieves the summary of a specific alarm from the LogRhythm server, based on the alarm ID you have specified.", "title": "Get Alarm Summary", "operation": "get_alarm_summary", "visible": true }, { "description": "Retrieves the history of a specific alarm from the LogRhythm server, based on the alarm ID and other input parameters you have specified.", "title": "Get Alarm History", "operation": "get_alarm_history", "visible": true }, { "description": "Updates alarm information such as the alarm status, RBP, etc. of a specific alarm in the LogRhythm server, based on the alarm ID you have specified.", "title": "Update Alarm", "operation": "update_alarm", "visible": true }, { "description": "Updates the alarm history table with comments in the 'Comments' column in the LogRhythm server, based on the alarm ID you have specified.", "title": "Add Alarm Comment", "operation": "add_alarm_comment", "visible": true }, { "description": "Retrieves the details of a specific alarm from the LogRhythm server, based on the alarm ID you have specified.", "title": "DrillDown - Get Alarm Details", "operation": "get_alarm_details", "visible": true }, { "description": "Retrieves the details of a events associated with an alarm from the LogRhythm server, based on the alarm ID you have specified.", "title": "DrillDown - Get Alarm Events", "operation": "get_alarm_events", "visible": true }, { "description": "Retrieves the details of a specific hosts from the LogRhythm server, based on the Host ID you have specified or all hosts.", "title": "Get Hosts", "operation": "get_hosts", "visible": true }, { "description": "Retrieves the details of a hosts from the LogRhythm server, based on the entity you have specified.", "title": "Get Hosts by Entities", "operation": "get_host_by_entities", "visible": true }, { "description": "Creates a new case based on the name, priority, and other input parameters you have specified. ", "title": "Create Case", "operation": "create_case", "visible": true }, { "description": "Returns a filtered list of cases. Supports pagination.", "title": "Get Case List", "operation": "list_cases", "visible": true }, { "description": "Returns the summary of a case by Id.", "title": "Get Case", "operation": "get_case", "visible": true }, { "description": "Updates case information such as the case name, priority, due date, etc based on the case\u202fID you have specified.", "title": "Update Case", "operation": "update_case", "visible": true }, { "description": "Returns the owner and a list of collaborators associated with a specific case.", "title": "Get Case Collaborators", "operation": "get_case_collaborators", "visible": true }, { "description": "Returns a list of cases associated with a specific case.", "title": "Get Associated Cases List", "operation": "get_associated_cases_list", "visible": true }, { "description": "Return metrics for a specified case.", "title": "Get Case Metrics", "operation": "get_case_metrics", "visible": true }, { "description": "Adds alarms as evidence to a specific case\u202fbased on the case ID you have specified.", "title": "Add Alarm Evidence", "operation": "add_alarm_evidence", "visible": true }, { "description": "Adds a note as evidence to a specific case\u202fbased on the case ID you have specified.", "title": "Add Note Evidence", "operation": "add_note_evidence", "visible": true }, { "description": "Adds a file as evidence to a specific case in the LogRhythm server, based on the case ID you have specified.", "title": "Add File Evidence", "operation": "add_file_evidence", "visible": true }, { "description": "Return a list of evidence summaries for a case.", "title": "Get Evidence list", "operation": "get_evidence_list", "visible": true }, { "description": "Return a summary of an item of evidence on a case.", "title": "Get Evidence", "operation": "get_evidence", "visible": true }, { "description": "Return the progress of a pending item of evidence. for example, a file upload).", "title": "Get Evidence Progress", "operation": "get_evidence_progress", "visible": true }, { "description": "Return the list of user events added as evidence on a case.", "title": "Get User Event List", "operation": "list_user_events_evidence", "visible": true }, { "description": "Downloads a specific item of file evidence of a specified case in the LogRhythm server, based on the case ID and evidence ID you have specified.", "title": "Download File Evidence", "operation": "download_file_evidence", "visible": true }, { "description": "Deletes a specific item of file evidence from a specified case in the LogRhythm server, based on the case ID and evidence ID you have specified.", "title": "Delete Case Evidence", "operation": "delete_case_evidence", "visible": true }, { "description": "Adds specific tags to a specific case in LogRhythm based on the case ID and tag numbers you have specified.", "title": "Add Case Tags", "operation": "add_case_tags", "visible": true }, { "description": "Retrieves a list of all case tags or specific case tags from LogRhythm based on the input parameters you have specified.", "title": "List Case Tags", "operation": "list_case_tags", "visible": true }, { "description": "Removes specific tags from a specific case in LogRhythm based on the case ID and tag numbers you have specified.", "title": "Remove Case Tags", "operation": "remove_case_tags", "visible": true }, { "description": "Returns details of lists from LogRhythm\u202fbased on the list type and other input parameters you have specified. \nNote: If you do not specify any list type, then the 'User' list is returned.", "title": "Get List Details", "operation": "get_list_details", "visible": true }, { "description": "Returns all networks or specific networks from LogRhythm based on the list type and other input parameters you have specified.", "title": "Get Network List", "operation": "get_network_list", "visible": true }, { "description": "Returns all users (hosts) or specific users from LogRhythm based on the list type and other input parameters you have specified.", "title": "Get User List", "operation": "get_user_list", "visible": true } ], "help": "https://docs.fortinet.com/document/fortisoar/3.0.1/logrhythm/390/logrhythm-v3-0-1", "dependentSolutionPacks": [], "releaseNotes": "available" }