How Does the Windows Agents Determine Agent Id etc.
We are trying to use InstantClones through VMware to deploy our VDI desktops. The issue I'm having is when I search the lem by hostname (ourVM-) I see a single entry, that changes every few seconds.I...
View ArticleShare your LEM rules for 500 THWACK points!
Hello!The LEM team is working on a new way to build rules. To fully test out this idea, we need a couple examples of complex LEM rules. If you post an example here (or email me at...
View ArticleSet ACLS to members in adminsitration group
Being new to Solarwinds LEM, I am not sure how to resolve the following error message that we continuously receive: set acls of members in administrators group. We have done a search on how to resolve...
View ArticleAlert on login attempts of disabled accounts
I am pretty new to LEM (6.3.1) and am having some problems setting up a new rule. I am trying to create a rule that will email me an alert when there is a login attempt of a disabled domain account....
View ArticleLEM - Error adding connector
Appliance Version 6.5.0 hotfix 1, platform Hyper-VNode Version 6.5.0, Windows Server 2012 R2 i'm trying to add a WebServer (Microsoft IIS W3C v8.5) connector; sure of Log Directory, Time Zone (set to...
View ArticleLEM vulnerability, how to solve it?
Becauseinformation securitypolicy,Vulnerability scanningmust bedoneusingIPS,There is avulnerabilityscan results follows,How do Irepairit ?HTTP Server Prone To Slow Denial Of Service AttackCVE-2007-6750...
View Articlemonitoring events triggered by remote desktop users?
I did review the pdf http://web.swcdn.net/creative/pdf/techtips/SW_TP_LEM_How_To_Monitor_User_Logon_Actions.pdf My question relates specifically to monitoring windows remote desktop logins and...
View Articlemonitor AD group membership changes
All-I have a large number of active directory groups that need to be monitored. the groups in question all have a naming convention of "SG-servername_Support". I want to be able to have an notification...
View ArticleDomain Admin account lockout alert
Hello everyone, I have an alert that tells me when an account is locked out. It works very nicely. Every once and a while it alerts me that my domain\administrator account is being locked out, but when...
View ArticleWhat's the difference between SolarWinds LEM and SIEM?
We currently use Log & Event Manage (LEM) and came across their Security Information & Event Management (SIEM) tool. The product pages are mostly buzz-words and both use pictures and videos...
View ArticleHow to collect log information from TM Officescan
I found a KB talking about how LEM collects TM Officescan log information. Set up Officescan syslog messages with LEM - SolarWinds Worldwide, LLC. Help and Support However, Officescan Server 11 doesn't...
View ArticlePolicy View/Change rule issue.
I am having an issue with 1 PC in particular that is activating the Policy View rule. I created a custom email so that i knew what pc this was activating on email and it lists both the Detection IP and...
View ArticleSourcefire Defense Center?
I went through the connectors in LEM and did not see anything listed for the estreamer api. Is there any way to use LEM to evaluate the logs coming in from this device? Looking to create alerts and...
View ArticleConfiguring Cisco ASA Syslog to LEM
Hello all. New Net Admin here looking to get syslog events logging in LEM. So far, I have followed the configuration knowledge base: "Integrating Cisco PIX and Cisco ASA Firewalls with SolarWinds...
View ArticleMaking a rule for a 100 logon failures.
I am trying to make a rule for 100 similar logon failures and trigger an email and SNMP trap. I have several rules setup and they all work well. This is one thing I cannot figure out, probably because...
View ArticleHow to monitor activity by users of the admin group
can someone tell me how to create a rule in LEM to show activity by the administrator user or users in the admin group. Or is there perhaps a report in the SW LEM reports module? thank you......Rick
View ArticleHow to monitoring OS Linuxs ?
Dear, now i using SolarWinds-LEM-v5.3-Evaluation with trial. I monitoring Windows OS and AD very well but when add agent for Linux OS to get logs then it not show any logs on LEM console. How...
View ArticleCISCO ISE AND LEM
Hello experts, I have a customer wanting to configure his ISE 2.0 server to send syslog messages to his LEM. We tried different ways but we can't make it work.We configured ISE with the IP of LEM and...
View ArticleClik here to view.
Linux IOSTAT (Disk Read/Write, Wait etc)
Dear Team, Please share document which was helpful to monitor Linux server's IOSTAT parameter.On server based command line IOSTAT below output so how we achieve same in NPM ?
View ArticleNon-Business Hours Filter Not Actually Filtering
I am trying to configure a filter to identify logon events that occur outside of business hours. I followed the below article on configuring Time of Day Sets, but LEM is capturing all of the login...
View Article