LEm with Cisco Firepower / Firesight syslog
Hi, I have a Cisco Firepower virtual appliance, and try to see log into LEM. I have configure Syslog as I found here : Configure a FireSIGHT System to Send Alerts to an External Syslog Server - Cisco...
View ArticleLEM Web Console
HI I'm unable to login with web browser ... it says invalid login .... i've tried admin and password... its not working anyyy help ... bit of urgent ???
View ArticleEvents Per Second?
What is the EPS capacity of a LEM appliance? I have dug though the documentation but have not been able to find this information.
View ArticlePalo Alto config with LEM
Hi All, I'm new to both LEM and PA so looking to make sure I have the correct setup. I've read the KB article SolarWinds Knowledge Base :: Integrating your Palo Alto Firewall with SolarWinds LEM and...
View ArticleCorrelation rule for logons to other PCs
I have a simple list of users with their authorized hosts. User A; Host A User B; Host B ..... I am trying to build a rule where in an ideal scenario and email would be fired upon the following...
View ArticleForwarding raw logs to QRadar
We are attempting to forward logs from LEM to QRadar because of bandwidth concerns. Previously, we used IBM's WinCollect agent to send them directly to the QRadar collectors. However, the subsidiary...
View ArticleLEM Backup fails - SMBv1
We recently tried configuring the backup functionality in a newly installed instance of LEM but couldn't get it to connect to the target network share, If you're have a similar problem, perhaps after...
View ArticleIs it possible to import Windows Security Event log into LEM from a node...
OK, so here's the scenario. Due to internal company policy I cannot install native LEM agent on our Domain Controller (Windows 2012). So that means I cannot just add this node to LEM console and...
View ArticleWhy is it when, I try to use nmap to verify the ports on Windows Server is...
Good day everyone, I had idea to make sure that new windows servers that will be added to the LEM ports are open. Ports I am talking about is TCP 37890-37896I was trying to use NMAP nmap -sT -p...
View Articlemonitor AD group membership changes
All-I have a large number of active directory groups that need to be monitored. the groups in question all have a naming convention of "SG-servername_Support". I want to be able to have an notification...
View ArticleMultiple Failed Login attempts by different users but same IP
Does anyone know how to setup a filter and/or rule that will notice multiple failed login attempts by multiple users (before account lockout) originating from same IP within a certain time frame?...
View ArticleData correlation
I'd want to correlate events, say a user login success, changing an admin group and then changing a password?how can this be done?
View ArticleMultiple navigation submenus under Monitor
I have repeating navigation items when I click the Monitor Option; see attached. any thoughts if this is a corrupted user profile or an issue that can be fixed?
View ArticleLEM Linux agent connects but no logs
I am struggling with getting a Open SuSE Linux server to log to my LEM. Details:LEM 5.4Linux Client 5.3.1Linux OpenSuSE 11.2 It installed and even connected to the console. I created the Pam, Audit and...
View ArticleVolume of syslog/SNMP traps,LEM can handle per hour ??
Hello ,, Kiwi syslog can handle 2 millions syslog message an hour(without any rules) so does any limitation has been marked for LEM ?
View ArticleLog Event Manager issue
Please help me that how could i add the node in LEM even i configured the cisco swtich with following parameters logging onlogging host 192.168.2.1 But i am unable to add the node in LEM. What other...
View ArticleLEM Backup fails - SMBv1
We recently tried configuring the backup functionality in a newly installed instance of LEM but couldn't get it to connect to the target network share, If you're have a similar problem, perhaps after...
View ArticleUpgrade from 6.4 to 6.5
Hi alli want to upgrade my lem appliance (virtual, hyper-v) from 6.4 to 6.5 i've already downloaded the related Upgrade package from customer portal but in each file (SolarWinds-LEM-v6.5.0-Upgrade.iso...
View ArticleIs it possible to import Windows Security Event log into LEM from a node...
OK, so here's the scenario. Due to internal company policy I cannot install native LEM agent on our Domain Controller (Windows 2012). So that means I cannot just add this node to LEM console and...
View ArticleWindows Server 2016 | LEM Agent 6.4 | some Connectors run, others don't run
Hi, we use Windows 2016 Server in our environment and LEM 6.4.We have installed die LEMAgent an die Windows 2016 Server with die Windows Installer from LEM (local installation). There are 4 Connectors...
View Article