Hi ,
I Deployed Solarwinds LEM , assigned an IP address to it and set date and time and deploy some agents.
in "Monitor" I see all real time logs but nothing is shown in "Ndepth" Part and no rules with the same correlation as ndepth conditions are fired.
For example
I see user logon events in "Monitor" section but in "Ndepth" section shows "No Results".
the condition set for Ndepth is:
UserLogon.DetectionIP=< one of my servers on which I deployed the LEM agent >
Time Range=Last 10 min, Last 30 min, Last hour, Last 2 hour, Last day...
I also checked out the followings:
The insertion time and detection time are the same,
The time and date and time zone is accurate on LEM manager and is the same as agents,
I saved and Enabled and Activated the rules,
set different Correlation Time for Rules,
restarted the manager...
But nothing happend, no success.
I appreciate any help in advance.