📄️ Architecture
Logging Made Easy (LME) runs on Ubuntu and leverages Podman containers for security, performance, and scalability. We’ve integrated Wazuh, Elastic, and ElastAlert open-source tools to provide log management, endpoint security monitoring, alerting, and data visualization capabilities. This modular, flexible architecture supports efficient log storage, search, and threat detection, and enables you to scale as your logging needs evolve.
📄️ Configuring LME
The configuration files are located in /config/. These steps will guide you through setting up LME.
📄️ Logging Made Easy Security Model
This document outlines the LME security model from the user's perspective. It is intended to help users understand the security structure and make informed decisions about how to deploy and manage LME, considering the constraints and assumptions built into its design.
📄️ Password Encryption
LME uses Ansible Vault to securely encrypt all user and service passwords at rest, ensuring that credentials are protected even if the system is compromised. Each password is randomly generated and stored in a secure location. This page outlines where passwords are stored, how to retrieve them, and the process for managing passwords manually if needed.
📄️ FAQ
1. What Is CISA’s Logging Made Easy (LME)?
📄️ Troubleshooting Logging Made Easy Install
Installation
📄️ Dashboard Descriptions
Prerequisites
📄️ Proxy Installation Guide
The following steps will guide you through installing Logging Made Easy (LME) in environments where outbound internet access is routed through a proxy server. This guide explains how to configure system-wide proxy settings, ensure package managers and LME components (e.g., Wazuh, Elastic Stack) function correctly behind the proxy, and address common proxy-related issues that may arise.
📄️ Supported Linux Distributions
List of Supported Linux Distributions