Checkpoint Firewall monitoring using LEM
Hello There, Is it possible to monitor Checkpoint Firewall using Syslog by LEM? If yes, please guide me what versions of Checkpoint Gaia are supported and relevant configuration for the same. Thank you.
LEM V6.3.1 HOTFIX 6 IS NOW AVAILABLE
Download Available: LEM v6.3.1 Hotfix 6. Hotfix 6 addresses the following issues: Expired certificate for connector updates causing Automatic Connector Updates to fail. Hotfix 6 needs to be applied to restore...
Identifying malware DNS lookups from LEM
I've been seeing malware CNC alerts in my IPS for traffic that's coming from a domain controller. I did a packet capture on the DC and found the actual origin of the DNS lookups is the LEM server....
Is there a list of LEM Best Practices, or Most Common Rules?
I tried searching for Best Practices, but only found a few documents. Is there a site for LEM Best Practices, common rules, or implementation suggestions? What do you feel is your best rule? Thanks...
Calling All VMware® vCenter™ Admins (2,000 THWACK Points)
We're currently doing some research around VMware® vCenter™ logging support with Log and Event Manager. In order to accomplish our research and understand the format of the vCenter™ logs, we need log...
monitor AD group membership changes
All - I have a large number of Active Directory groups that need to be monitored. The groups in question all have a naming convention of "SG-servername_Support". I want to be able to have a notification...
Login failed LEM reports
I am trying to get all log messages from the LEM reports. I installed the Reports and Crystal runtime file on my computer which was not a big issue. But every time I try to add a manager I can't ping...
Connecting SolarWinds to Cisco FirePOWER using eStreamer
We have a Cisco FirePOWER unit that we want to poll information from and place in a dashboard so that it is easy to see what is going on with FirePOWER. I have been looking and haven't found too much...
Connector Updates failing
Just recently I have been receiving an error when attempting to update my connectors. The error reads: "Error while updating connectors for manager" When I click Show More, I get: "Synchronization with...
Logon After Hours Alert Not Working
I currently have a created rule to alert when users log on after hours, however, it is not functioning properly. I get alerts when we are in production hours (yes my schedule is set up correctly) and I...
Rule with logon and shift does not work - please help
Hi all, I made a rule which should send an email if a user is logging into a windows-client after business hours. It does not work and I don't know why. What I did: UserLogon.Destination Machine =...
How to capture failed 'Run as Administrator' events on a Windows domain?
Does anyone have insight into how MS Audit Policy can be used to capture failed 'Run as Administrator' attempts without having to install LEM agents on all workstations? I've been attempting to...
Configure LEM as a SYSLOG Server
Hi, I am currently configuring LEM to monitor a small industrial network (containing 12 devices). Firstly, can someone please confirm that LEM is capable of receiving SYSLOG data. If so, is this a...
Help with LEM Report
Hello All! *Potential Noob Question* I have been asked to run a report of file activity on one of our file shares. As it has been quite a while since I helped integrate LEM and received the training, all...
LEM v6.3.1 HOT FIX 4 IS NOW AVAILABLE
Download Available: http://downloads.solarwinds.com/solarwinds/Release/HotFix/SolarWinds-LEM-v6.3.1-Hotfix4.zip Hotfix 4...
Exporting syslog from PulseSecure (formerly Juniper) SA4500 appliances into LEM
I'm adding our SA4500 cluster to export syslog to the LEM. No firewall rules or any other things in the way. I've followed Juniper's KB for setting up export - very straightforward. However, I'm not...
SolarWinds Event Log Consolidator
Just installed SolarWinds Event Log Consolidator on my Windows 2012 R2 Standard Server. Had to install netframe 3,51 first; strange that SolarWinds can't work with netframe 4.5 which 2012 installs but...