Hi guys
I have been tasked with setting up some filters on LEM to monitor our network, but I don't really know networks or the product very well so I'm not sure how to do this. We want to monitor:
- File changes/audit
- USB/external device activity
- New user accounts created/AD changes
- Malicious software traffic
- install of software
- license key used (i.e. product activation for our volume licenses of Office)
and also how to disable network on a target device (if this is possible through LEM).
I have copied some of the existing filters into the My Filters section (I can list if useful but there are quite a few) but I'm not sure if this covers everything, or if they are working properly.
As I said in my previous post, I am very new to all of this so I apologize if this is really simple or if this is answered somewhere I haven't seen.
Thanks for the help.