Upgrade to Managed Detection and Response
The Alert Logic console provides a universal navigation experience for all Alert Logic customers, regardless of your product subscriptions.
The Alert Logic console shows only the tabs and pages appropriate to your product subscription. This topic describes all possible tabs and pages, but specifies the subscriptions that generate the tabs and pages. For more information about subscriptions Alert Logic offers, see Get Started with Alert Logic Subscriptions and Add-ons.
Upgrade process and window
Prior to your upgrade, Alert Logic performs a migration precheck to uncover issues in your environment that can prevent a successful upgrade. An implementation engineer shares results and schedules a meeting with your engineering team to review any required and recommended actions. For details about the precheck, see Migration Prechecks.
After your team resolves any blocking issues, Alert Logic works with you to schedule the migration. Plan to allow 48 hours for the Alert Logic team to complete your upgrade. The two-day window allows time for troubleshooting, if necessary. The upgrade occurs during business hours Monday to Friday, with the actual migration taking approximately one hour.
Prerequisites
Prior to your upgrade, you must perform the following cloud deployment updates:
- If you have Amazon Web Services (AWS) deployments to upgrade, you must ensure they use IAM roles created with the most current policy documents. To ensure your AWS deployments are configured properly, see:
- If you have Azure deployments to upgrade, you must ensure that the configuration of the resources allows Alert Logic to discover and monitor your assets. To ensure your Azure deployments are configured properly, see Update Azure Deployment Configuration to Prepare for Upgrade.
For a complete list of issues that can block your upgrade or affect its success, see Migration Prechecks.
How to find features in the new console
The new functionality that corresponds to legacy offerings is available for all MDR subscriptions.
| Legacy Functionality Name | New Functionality |
|---|---|
| Log Manager Saved View | Create Saved and Scheduled Log Searches |
| Log Review Cases | Monthly Log Review Report and Incidents |
| Log Search and Log Search BETA | Newer Search experience with Simple and Expert modes and Search: Log Messages |
| Webhooks | Webhook Connectors, including connectors for ticketing and messaging systems and a universal webhook connector |
| Scheduled Reports | Scheduled Reports and Notifications |
| Collection Alerts | Daily Health Summary and Scheduled Reports and Notifications |
| Scan Schedules | Default and custom scan schedules |
| Summary and Dashboards | Available as Reports Guide, and Risk Reports, and Dashboards. |
| Reports | Reports Guide |
| Host Groups and Zones | Topology |
| Log Correlation and Alerts | Correlations and Notifications |
| Assignment Policies | Automatic agent assignment within a network, which can be overriden by setting up Cross-Network Protection |
Deprecated or unsupported functionality
Alert Logic has removed or does not support the following functionality. Both lists apply to Cloud Defender, which includes both Threat Manager and Log Manager.
- For Threat Manager customers
- Browse Devices
- Event alerts
- Defense alerts
- Case alerts
- Monitoring policies
- For Log Manager customers
- Log Collection Schedule policies
- Case alerts
Upgrade details
Your upgrade offers feature parity and enhancements that affect the following functionality, which is available with all MDR subscriptions:
- Machine Learning Log Review Upgrade
- Incidents Upgrade
- Log Search Upgrade
- Cloud Defender Omnibox Search Upgrade
- Notifications Upgrade
- Scan Functionality Upgrade
- Managed Detection and Response Reports Upgrade
Additional features
Your upgrade to MDR offers features that were not available on the legacy platform. The additional features improve your experience and your ability to detect and respond to threats in your environment.
All MDR subscriptions offer these features:
- CIS Microsoft Azure Foundation Benchmark reporting
- Dashboards
- Threat Risk Index
- Exposures
- Extended Endpoint Protection
- Health
- Cross-Network Protection (Data Center deployments)
These features are available with Alert Logic MDR Professional and Alert Logic MDR Enterprise subscriptions:
- File Integrity Monitoring
- Web Log Analytics (WLA)
- Application Registry
- Policy-based configuration of system and application (flat file) logs
- Improved support for Azure deployments and AWS deployments
Learn more
For more resources to help you learn about key features in MDR, see Recommended Training for New and Upgrading Customers. Linked materials include training videos, product documentation, and knowledge base articles organized by feature.