Multiple Failed Login attempts by different users but same IP
Does anyone know how to setup a filter and/or rule that will notice multiple failed login attempts by multiple users (before account lockout) originating from same IP within a certain time frame?...
View ArticleCisco ASA and syslog severity levels
What severity level is recommended for Cisco ASA? Thoughts? We are seeing dropped connection and this feels informational. Cisco ASA 5500 Series Configuration Guide using the CLI, 8.2 - Configuring...
View ArticleLEM log4net connector to folder
Hiwe have a configured DFSR which collects log4net app.logs from many servers to one server.And we need to analyse these logs. The problem that I met is when I create log4net connector on that server,...
View ArticleUSB Defender
Needing help configuring USB Defender. I have followed all the steps to configuring it, but neither see an alert in the console nor are unauthorized USB devices shut down on the client machine. Here is...
View ArticleLEM use cases
Hi all,I'm new with LEM and consider it as a central console for future SOC in my current companyI just want to leave here my list of use cases and share in a future "how to" realize themDon't hesitate...
View ArticleAD authentication in LEM
I have been asked to configure LEM to use Active Directory credentials for users to log on with. I have the Directory Service Query tool configured per the documentation, and have added both a...
View ArticleHow do I configure the SNMP community string for LEM?
I haven't been able to find the setting whereby I can configure the SNMP read-only community string for the LEM appliance, so that I can monitor its health/set up alerting etc through Solarwinds NPM. I...
View ArticleHow does the LEM agent generate its SID/UID?
I am curious how the LEM agent generates it's SID/UID? We are working with a client to develop a BC/DR solution and I am curious when the replica nodes comes online if it will check in as a new node...
View ArticlePossible to monitor disk space remaining?
I'm currently using EventSentry to alert me if drives on Windows 2008/2012 virtual machines are running below 5% available space. Can I use LEM to replace EventSentry?
View ArticleIs it possible to import Windows Security Event log into LEM from a node...
OK, so here's the scenario. Due to internal company policy I cannot install native LEM agent on our Domain Controller (Windows 2012). So that means I cannot just add this node to LEM console and...
View ArticleClik here to view.
Linux IOSTAT (Disk Read/Write, Wait etc)
Dear Team, Please share document which was helpful to monitor Linux server's IOSTAT parameter.On server based command line IOSTAT below output so how we achieve same in NPM ?
View ArticleLogon Used Case in LEM
Is anyone familiar with creating a rule that fires when an individual has an account logged into two machines at the same time?
View ArticleLEM Windows Agent MSI Package
Good Morning, I have recently adopted LEM and was looking at rolling the windows agent out via group policy. Is their a MSI version of the windows agent available to download or any way of wrapping...
View ArticleConfigure LEM as a SYSLOG Server
Hi, I am currently configuring LEM to monitor a small industrial network, (containing 12 devices). Firstly can someone please confirm that LEM is capable of receiving SYSLOG data.If so, is this a...
View ArticleConfiguring Cisco ASA Syslog to LEM
Hello all. New Net Admin here looking to get syslog events logging in LEM. So far, I have followed the configuration knowledge base: "Integrating Cisco PIX and Cisco ASA Firewalls with SolarWinds...
View ArticleHow do I import my CA's certificate into LEM?
We project the LEM console on a 72" TV. The console is constantly giving SSL prompts whenever it refreshes. In addition, SSL vulnerabilities are constantly showing up in our security scans - false or...
View ArticleLEM Backup fails - SMBv1
We recently tried configuring the backup functionality in a newly installed instance of LEM but couldn't get it to connect to the target network share, If you're have a similar problem, perhaps after...
View ArticleEmail Notifications How-To
Hey All,Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
View ArticleLEM Log Retention settings
Hi All, How can I check LEM log retention settings? I've already read some discussion about this and learned that LEM is configured to automatically purge the oldest logs, but how can I check if our...
View ArticleConfigure LEM as a SYSLOG Server
Hi, I am currently configuring LEM to monitor a small industrial network, (containing 12 devices). Firstly can someone please confirm that LEM is capable of receiving SYSLOG data.If so, is this a...
View Article