Channel: THWACK: Popular Discussions - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5911 articles

Integrating Cisco Nexus switch with LEM

I am trying to integrate Cisco Nexus 5K switches with LEM as a syslog node, but having no luck. Does LEM support NX-OS? I found the attached, which was very helpful while integrating an ASA, but...



Create an Alerting/Action Report

I would like to create a report that shows the last 30 days of alerts and who the alert was sent to.  I see the last 30 day report, but I can't seem to figure out how to put a field in to show the...



LEM 5.5 - some real issues

We upgraded from 5.4.0 LEM VM to 5.5. We have a Cisco firewall which was reporting to LEM. It is still apparently, but when I click on the node from the Dashboard, the Connectors widget says that...


Email Notifications How-To

Hey All, Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...


Syslog node names?

I have a number of syslog devices pointed at LEM, but they all show up as IP addresses for node name. Is there a way to change the name of these nodes? Thanks!



Is there a list of LEM Best Practices, or Most Common Rules?

I tried searching for Best Practices, but only found a few documents.  Is there a site for LEM Best Practices, common rules, or implementation suggestions?  What do you feel is your best rule?  Thanks...


User Logon/Logoff (evt ID 4624/4634) with multiple DCs

When looking for user logon/logoff events, I'm seeing duplicate events across all domain controllers.  E.G. if we have 4 DCs, each logon/logoff triggers 4 events within a few seconds of each other....


LEM -- add new node

Hello, I have installed LEM v 5.7.0 for testing.   As a first step, I am trying to add a new node (Cisco router) but it's failing. I have configured the router to send syslog and I can see the packets...



F5 ASM and LEM - is there a connector?

Anyone aware of a connector being available for LEM for F5 ASM?  It could be great to get all the WAF logging over to LEM as opposed to just the management and LTM traffic. If there isn't one, anyone...



Is there a way to monitor CD rom drive usage?

Is there a way to monitor/notification of CD rom drive usage?    So far I can not figure out a way.  There are no services that I can think of to monitor.   Any ideas would be helpful.  Thank you.


Where used: Email Templates for unknown rule/action

Hey all -  I have a rule that is hitting and using a specific template to which I cannot find the rule for this - as the email template comes through (via Actions/Email) blank and isn't actually...


Rule is being triggered but is not enabled

6.3.1 I have an incident that keeps popping up and says the triggered inference rule is called "Authentication Attempt - Default Account" but I do not show this rule in my enabled list. What am I missing?


Calling All VMware® vCenter™ Admins (2,000 THWACK Points)

We're currently doing some research around VMware® vCenter™ logging support with Log and Event Manager. In order to accomplish our research and understand the format of the vCenter™ logs, we need log...



Changing the name of a LEM node

I just added my first node in LEM (a Cisco switch) and trying to figure out how to change the name of the node from the IP address to a friendly name? Dan


monitor AD group membership changes

All - I have a large number of active directory groups that need to be monitored. The groups in question all have a naming convention of "SG-servername_Support". I want to be able to have a notification...



Alert on login attempts of disabled accounts

I am pretty new to LEM (6.3.1) and am having some problems setting up a new rule.  I am trying to create a rule that will email me an alert when there is a login attempt of a disabled domain account....


How to use LEM to collect McAfee logs

Hi, so I'm coming into an environment with Orion and LEM.  I've got a decent grasp of Orion but not of LEM yet.  I'm being asked the following: I would like the following locations captured by the LEM...



LEM V6.3.1 HOTFIX 6 IS NOW AVAILABLE

Download Available: LEM v6.3.1 Hotfix 6. Hotfix 6 addresses the following issues: Expired certificate for connector updates causing Automatic Connector Updates to fail. Hotfix 6 needs to be applied to restore...


Cisco ASA and syslog severity levels

What severity level is recommended for Cisco ASA? Thoughts? We are seeing dropped connection and this feels informational. Cisco ASA 5500 Series Configuration Guide using the CLI, 8.2 - Configuring...


LEM v6.3.1 HOT FIX 4 IS NOW AVAILABLE

Download Available: http://downloads.solarwinds.com/solarwinds/Release/HotFix/SolarWinds-LEM-v6.3.1-Hotfix4.zip Hotfix 4...
