Success Stories of gaining operational value from LEM
I would really love to hear specific success stores of where people have gained operational value from LEM. I am hoping that by sharing some stories or examples we might all be able to gain new...
View Articlemonitor AD group membership changes
All-I have a large number of active directory groups that need to be monitored. the groups in question all have a naming convention of "SG-servername_Support". I want to be able to have an notification...
View ArticleTop 6 SANS Essential Categories of Log Reports 2013 in LEM
SANS released an updated list of their critical log categories recently. Some good recommendations especially if you're new to log management. The 6 Categories of Critical Log Information How easily...
View ArticleClik here to view.
SolarWinds LEM - no email alerts for changes to Domain Admins
I am currently running a 30 day trial of LEM. I have the environment fully configured including an agent installed on our domain controller. I have other rules set up and successfully firing email...
View ArticleTriGeo Alert - Disk nearly full
I started receiving these LEM email alerts and I am not sure if it is saying my LEM c: drive and what I need to do. This is the message: disk c: nearly full at 2016-05-11 10:07:00.0 There is no other...
View ArticleClik here to view.
Configuring SSO for LEM
I am attempting to configure AD integration for LEM (6.3.1) and for the life of me, I cannot get it to function correctly. I contacted tech support and they sent me this article. When I get to the...
View ArticleCan LEM track WHO started a service, and from what COMPUTER?
We have a custom service that has been installed on one of our Windows servers that is getting started manually without anyone knowing about it. The event logs only show that it was started, not WHO...
View ArticleCollecting Logs for DHCP Server Configuration Changes
Hey all,I'm setting up Log & Event Manager for the first time and I can't seem to figure out how to properly collect the logs I want from a windows DHCP server. I want to be able to collect the...
View ArticleLocal PC Guest Account Notifications
In our domain, we have the local machine Guest account disabled and renamed through script/GPO. Our LEM console sends out 10-20 notices each day TriGeo Alert: "guest account is locked out @ time of...
View ArticleUsing a Threat Intelligence Feed with LEM?
I am curious if anybody out there is using LEM in conjunction with a Threat Intelligence feed? I realize that LEM doesn't currently accept any of the feed protocols; however, I have seen that some...
View ArticleOU Add/Mod/Delete notifications
I enabled the default rules that they provided for OU changes but the alerts only send "Domain COMAPNY OU created by unable to resolve username.."I have the LEM monitoring our main DC (2008 box) and...
View ArticleBlock ALL USB Devices! Bwaahaha!
Hi, I want to block absolutely all USB devices except keyboards and mice - I have created a rule but it does not appear to work! The rule is quite simple - Correlations:...
View ArticleHow LEM manages logs with different time zone or no time zone
There would be a case where appliances being managed are in different countries and in different time zones and LEM is in different time zone. Product like fortigate doesnt give time zone information...
View ArticleInfer Alert
I have noticed that a lot of the OOB rules in LEM have the Infer Alert action setup. I may be a bit remedial for asking but I would love to see both the thought and/or some use cases behind the Infer...
View ArticleClik here to view.
System Audit Policy Changed - 22 alerts
Combed the LEM documentation, couldn't find a clue (it might be ind documentation somewhere, I couldn't find it after an hour of digging) This morning I got 22 TriGeo alerts in this pattern: system...
View ArticleEmail Notifications How-To
Hey All,Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
View ArticleLEM Web Console
HI I'm unable to login with web browser ... it says invalid login .... i've tried admin and password... its not working anyyy help ... bit of urgent ???
View ArticlePossible to monitor disk space remaining?
I'm currently using EventSentry to alert me if drives on Windows 2008/2012 virtual machines are running below 5% available space. Can I use LEM to replace EventSentry?
View ArticleFirewall Shun
Hi there Anybody know it is possible to create an alert for devices which are shunned by the firewall? Thanks
View ArticleLEM v6.3.1 HOT FIX 4 IS NOW AVAILABLE
DownloadAvailable:http://downloads.solarwinds.com/solarwinds/Release/HotFix/SolarWinds-LEM-v6.3.1-Hotfix4.zip Hotfix 4...
View Article