FEATURE REQUEST - Show Updated LEM Agent Version in Add/Remove Programs
I opened a ticket back in June 2012 about the LEM agent not appearing as upgraded in Add/Remove Programs (aka Programs and Features) on our windows agents. The technician said he had submitted a...
View ArticleFireEye MPS Connector
Greetings, Does anyone know how to configure FireEye MPS and the LEM connector to talk? We configured FireEye by enabling rsyslog, checking all events, pointing to LEM IP, and enabling. We configured...
View ArticleLEM Log Retention settings
Hi All, How can I check LEM log retention settings? I've already read some discussion about this and learned that LEM is configured to automatically purge the oldest logs, but how can I check if our...
View ArticleLEM - Error adding connector
Appliance Version 6.5.0 hotfix 1, platform Hyper-VNode Version 6.5.0, Windows Server 2012 R2 i'm trying to add a WebServer (Microsoft IIS W3C v8.5) connector; sure of Log Directory, Time Zone (set to...
View ArticleClik here to view.
EventLog Forwarder
Apologies if this isn't the correct spot for this. Installed the EventLog Forwarder product (the free one), and attempting a subscript but the one event log isn't listed as an available option, please...
View ArticleGive feedback on LEM for 3,000 pts!
Hello! I’m Ashley, from the SolarWinds User Experience (UX) team. The LEM team is looking to make a couple of improvements to the way you build filter queries and a couple other things. If you have...
View ArticleIs there a way to monitor CD rom drive usage?
Is there a way to monitor/notification of CD rom drive usage? So far I can not figure out a way. There are no services that I can think of to monitor. Any ideas would be helpful. Thank you.
View ArticleMultiple Failed Login attempts by different users but same IP
Does anyone know how to setup a filter and/or rule that will notice multiple failed login attempts by multiple users (before account lockout) originating from same IP within a certain time frame?...
View ArticleUpgrade to 6.0.1 Flex error
When I load the GUI after the upgrade I get this error:Flex Error #1001: Digest mismatch with RSL https://10.162.1.40:8443/lem/rsl/TriGeoFlexFramework.swf. Redeploy the matching RSL or relink your...
View ArticleLEM Log Retention settings
Hi All, How can I check LEM log retention settings? I've already read some discussion about this and learned that LEM is configured to automatically purge the oldest logs, but how can I check if our...
View ArticleN-Central + ELK Stack
Hi, I'm new on platform and tried to get some kind of idea on what goes where. Couldn't figure out so I just used new post -button to see how things work. I'm currently evaluating N-Central as a...
View ArticleGive feedback on LEM for 3,000 pts!
Hello! I’m Ashley, from the SolarWinds User Experience (UX) team. The LEM team is looking to make a couple of improvements to the way you build filter queries and a couple other things. If you have...
View ArticlePros & Cons of encrypted (bitlocker) removable media and LEM
Our team has been working on some rules to mitigate threats from removable media. We have had good success with file monitoring, read/writes, and actively responding to executable attempts from flash...
View ArticleLEM - Event info - unmatched solarwinds mssql auditor Data - Broken log line
Hi,I've configure MSSQL Auditor and works fine, already log queries.However I've a problem, from the LEM manager monitor on the column called "Event Info" I only see a description that say "Unmatched...
View ArticleSeverity Levels: How are they determined?
Hey all, Does anyone know how the severity levels are determined? We are trying to correlate the severity of Windows Events with the severity levels in LEM, so we can build a filter for just critical...
View ArticleAlert on Security event log clearing?
I've been poking around in LEM trying to figure out how to get this to occur; it should be as simple as searching for the Event IDs. We want to get an alert when the Security event log for Server...
View ArticleBlock IP Address on FortiGate's Firewall Failing
Hi everyone, I'm having an issue where I setup a rule to block an IP address using the Block Active Response on SW LEM: Using the Block IP Active Response - SolarWinds Worldwide, LLC. Help and Support...
View ArticleGive feedback on LEM for 3,000 pts!
Hello! I’m Ashley, from the SolarWinds User Experience (UX) team. The LEM team is looking to make a couple of improvements to the way you build filter queries and a couple other things. If you have...
View ArticleData correlation
I'd want to correlate events, say a user login success, changing an admin group and then changing a password?how can this be done?
View ArticleSoftware Installs not logging in Event Viewer
OS - Windows 7 Professional (x64bit) I am trying to find if there are ways to set so that when any software has been installed, it will get recorded in the event viewer. For example....I was trying to...
View Article