You use the LogRhythm REST API key to gather additional event details for individual alarm fields. The API key provides details that are unavailable using the LogRhythm REST API.

Before you begin

Role required: LogRhythm Client Console/Platform Manager Administrator

About this task

This task is performed on the LogRhythm Client Console. Set up the LogRhythm REST API prior to installing the plugin from the ServiceNow Store.

Procedure

  1. Navigate to the LogRhythm Client Console and select the File menu.
  2. Click New to create a new user.
    File menu expanded in the LogRhythm Console.
  3. In the Is Person an Individual? dialog that is displayed, click Yes.
    Is Person an Individual dialog.
  4. In the Person Properties dialog that is displayed, fill in the Name fields.

    Use a different name for the LogRhythm REST API than the one you used to create the REST API, for example, REST API_2.

    Person Properties dialog with name fields highlighted.
  5. Click OK.
  6. Right-click the new listing in the Name column (API_2_REST) and, in the choice list, select Create Case API Account.
    Create Case API Account in LogRhythm Console.
    Note: The Case API is not used, but the credentials for the Case API Account and the LogRhythm REST API are the same.
  7. In the Service Account Properties dialog, click Generate.
    API Token in Service Account Properties dialog.
  8. Click Copy.
    Copy button on API Token API in Service Account Properties dialog.
    You have now set up the LogRhythm REST API. You paste the string you copied in the previous step into your ServiceNow AI Platform instance in the LogRhythm REST API Token field during the configuration steps listed in Install the plugin and configure LogRhythm.

What to do next

You are now ready to Install the plugin and configure LogRhythm.