--- title: "Fortanix DSM with LogRhythm" slug: "using-fortanix-data-security-manager-with-logrhythm" updated: 2026-05-26T06:36:48Z published: 2026-05-26T06:36:48Z --- > ## Documentation Index > Fetch the complete documentation index at: https://support.fortanix.com/llms.txt > Use this file to discover all available pages before exploring further. # Fortanix DSM with LogRhythm ## 1.0 Introduction This article describes how to integrate and use **LogRhythm**as a Syslog server with **Fortanix-Data-Security-Manager (DSM)**. ## 2.0 Configure Syslog Server You can configure Fortanix DSM to send audit log entries to the Syslog server. Perform the following steps to configure logging events to the Syslog: 1. In the **Custom Log Management Integrations**section, click **ADD INTEGRATION** for Syslog. 2. On the **Syslog Log Management Integration** form: ![](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/Syslog-Landing-Page-FQDN(3).png) **Figure 1: Syslog integration form** - **Host**: Enter the hostname or IP address of your Syslog server. - **Enable TLS**: Select this check box to communicate with the Syslog server over a secure connection using TLS. - **Host validation**: The **Validate host** option, if selected, ensures that the hostname or IP address you entered matches the hostname on the server certificate, verifying that the connection is securely directed to the intended server. - **Validate certificate**: You can connect to the Syslog server over a non-secure connection or a secure TLS connection. - **Global Root CAs**: Use this certificate if you are using a certificate that is signed by a well-known public Certificate Authority (CA). - **Custom CA Certificate**: Use this certificate if you, as an enterprise, want to self-sign the certificate using your own internal CA. Click **UPLOAD A FILE** to upload the CA certificate. When Fortanix DSM, as a client, connects to the Splunk server and is presented with the server’s certificate, it validates the connection using the enrolled custom CA Certificate. - **Port (TCP)**: Enter the port number for the Syslog service. The default is port **514**, or if you are using a different port, update the port number accordingly. - **Facility**: When you log an event in Syslog, you can choose to log it in different facilities. Use this setting to filter logs by a specific facility, such as **User**, **Local0**, **Local1**, and others that are well-defined in the Syslog protocol. For example, configure Fortanix DSM to use the **Local0**facility to easily filter logs from a specific appliance. - **Use FQDN hostname**: This check box is selected by default. When enabled, the DSM cluster’s FQDN is used as the hostname in Syslog log entries, enabling identification of the source cluster in multi-cluster environments. 3. Click **SAVE** to add the Syslog integration. ## 3.0 Install Open Collector To install the Open Collector on the Linux host: 1. Run the following command to install Wget: ```bash sudo yum install -y wget ``` 2. Run the following command to download the Open Collector Control script: ```bash wget https://raw.githubusercontent.com/logrhythm/versions/master/lrctl ``` 3. Run the following command to change the permissions: ```bash chmod +x lrctl ``` 4. Run the following command to initialize the Open Collector and start all the components: ```bash sudo yum erase podman buildah ``` 5. Run the following command to install the Docker-Community Edition (CE): ```bash ./lrctl init ``` If there is no Docker CE, install it from the following website: [https://docs.docker.com/engine/install/rhel/](https://docs.docker.com/engine/install/rhel/) 6. Run the following command to start the Metrics service: ```bash ./lrctl metrics start ``` 7. Run the following command to start the Open Collector: ```bash ./lrctl open-collector start ``` ## 4.0 Validate the Installation 1. Run the following command to validate that the services are running: ```bash ./lrctl open-collector status ./lrctl metrics status ./lrctl status ``` 2. View the metrics in Grafana. **http://:3000** 3. In **Grafana**, go to **Open Collector**, and then **Open Collector Overview**. 1. The default **Open Collector Overview** dashboard has three columns. Each column includes a “Messages Per Second” and a “Counters (total)” graph. The “Pipelines” and “Output” columns also have “Errors” graphs. 2. Left column: **Input** - a Beat is successfully sending logs to the Open Collector. 3. Middle column: **Pipelines** - the logs are matching our Microsoft Defender for Identity (MDI). 4. Right column: **Output** - the logs are successfully sent to the System Monitor Agent. If data is flowing through the Open Collector, the graphs will be populated with data regarding total counts and the Mathematical Programming System (MPS) for various parts of the pipeline. Each graph has an information icon in the top-left corner. Point to this icon for a description of what each graph displays. The graph shows the **heartbeat_pipe Message Received,** indicating the Syslog messages. ![OpenCollector.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/opencollector.png) **Figure 2: Open collector overview** Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface. ## Related - [Fortanix DSM with Imperva Cloud WAF](/fortanix-data-security-manager-with-imperva-cloud-waf.md) - [Group Cryptographic Policy](/users-guide-group-cryptographic-policy.md)