Channel: THWACK: Popular Discussions - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5911 articles

Cisco Connector is Not Showing Up

Every time I add the node from my Cisco 3845 router the LEM server tells me it finds a tippingpoint node connector. When I disable the tippingpoint connector then LEM simply tells me it can't find a...



Cisco ASA and syslog severity levels

What severity level is recommended for Cisco ASA? Thoughts? We are seeing dropped connection and this feels informational. Cisco ASA 5500 Series Configuration Guide using the CLI, 8.2 - Configuring...



LEM Reports; only some reports working?

Having issue running all reports aside from "authentication" reports.  Example; I have an alert setup for domain account deletions which is working and alerting like normal but if I load up LEM Reports...


Supported Data Sources - Palo alto PA-3020 v.5

Hello Everybody, I have the requirement from partner about the LEM opportunity. They need LEM to collect LOG from Paloalto PA 3020 (running firmware version 5.0). Need to double check with you LEM...


LEM - FIM - NIST Compliance 800-171 Template

Hi, Are any NIST templates for FIM available? I did some searching and was unable to find any on Thwack or the net. If none are available, does LEM plan to have it on an upcoming patch or release? If...



LEM Portscan rule

Hi all, I have a question based on LEM portscan conditions. See attached snapshot for guidance. I want to create a portscan rule which will ignore portscan activities originating from public IPs, but...


Alert on login attempts of disabled accounts

I am pretty new to LEM (6.3.1) and am having some problems setting up a new rule.  I am trying to create a rule that will email me an alert when there is a login attempt of a disabled domain account....


Auditing Group Policy Changes

Hi, Can anyone tell me how to set up a rule to track group policy changes? This is for tracking admin users who modify the Group Policy Object (I am not talking about creating a new one or renaming an...



LEM Log Retention settings

Hi All, How can I check LEM log retention settings? I've already read some discussion about this and learned that LEM is configured to automatically purge the oldest logs, but how can I check if our...



SQL2016 >> MSSQL Auditor - Is there a profiler template available?

I am currently evaluating setting up database monitoring for Solarwinds LEM and the instructions advise me to import a profiler template and then edit this template. I am using SQL Server 2016. When I...


FIM (File Integrity Monitoring)?

I am curious if SolarWinds has any solutions for File Integrity Monitoring?  We are in need of a FIM solution and I would love to stick or at least consider SolarWinds but I am not sure if they have a...


Why is it when, I try to use nmap to verify the ports on Windows Server is...

Good day everyone, I had an idea to make sure that new windows servers that will be added to the LEM ports are open. Ports I am talking about is TCP 37890-37896. I was trying to use NMAP nmap -sT -p...


Is there a list of LEM Best Practices, or Most Common Rules?

I tried searching for Best Practices, but only found a few documents.  Is there a site for LEM Best Practices, common rules, or implementation suggestions?  What do you feel is your best rule?  Thanks...



Connecting SolarWinds to Cisco FirePOWER using eStreamer

We have a Cisco FirePOWER unit that we want to poll information from and place in a dashboard so that it is easy to see what is going on with FirePOWER. I have been looking and haven't found too much...


Windows LEM Agent Issue

On a clean install of agent for Windows x64 on Windows 8.1, I can't get the agent to work. Error as below: (Mon Nov 20 16:05:18 SGT 2017) II:INFO [SpopModule] {main:1} Java version: 1.8.0_131 Java...



LEM Database

Can you get access to the LEM database to do direct SQL queries?  Ever since upgrading to 5.7 from 5.4 (via 5.6), the reporting has been unusably slow (if it works at all, yes there is a call open but...


Template list for report and rules for LEM

Hi All, I have checked through the success center and with the Solarwinds folks. Unfortunately they don't have a list compiling all the template report and template rules they have in the LEM. Anybody got...



LEM Linux agent connects but no logs

I am struggling with getting a Open SuSE Linux server to log to my LEM. Details: LEM 5.4, Linux Client 5.3.1, Linux OpenSuSE 11.2. It installed and even connected to the console. I created the Pam, Audit and...


monitor AD group membership changes

All - I have a large number of active directory groups that need to be monitored. The groups in question all have a naming convention of "SG-servername_Support". I want to be able to have a notification...


LEM Help

Howdy-   We are evaluating LEM for offload of our Qradar system.  Qradar is a bit overloaded and upgrading it is very costly.   The security team had us spin up a demo of the solarwinds LEM product....
