EventInfo Unmatched FortiGate 5.0 Data ($Revision: #147 $)
I'm seeing this event every few seconds. I'd like to make it stop. EventInfo Unmatched FortiGate 5.0 Data ($Revision: #147 $) ExtraneousInfo 1476468181000 10.0.0.8 date=2016-10-14 time=13:03:01...
View ArticleLEM v6.3.1 HOT FIX 4 IS NOW AVAILABLE
DownloadAvailable:http://downloads.solarwinds.com/solarwinds/Release/HotFix/SolarWinds-LEM-v6.3.1-Hotfix4.zip Hotfix 4...
View ArticleLEM - Ghost Nodes.
Hello, I have a problem what I haven't can solved, in LEM appears several nodes like this: (Imagen LEM.PNG)149192060000014919206040001491920581000... All nodes differents except for the seventh number...
View ArticleHow do I configure the SNMP community string for LEM?
I haven't been able to find the setting whereby I can configure the SNMP read-only community string for the LEM appliance, so that I can monitor its health/set up alerting etc through Solarwinds NPM. I...
View ArticleShare your LEM rules for 500 THWACK points!
Hello!The LEM team is working on a new way to build rules. To fully test out this idea, we need a couple examples of complex LEM rules. If you post an example here (or email me at...
View ArticleAlert on Security event log clearing?
I've been poking around in LEM trying to figure out how to get this to occur; it should be as simple as searching for the Event IDs. We want to get an alert when the Security event log for Server...
View ArticleLEM database
Can anyone tell me the database used by the LEM? Is it PostgresSQL on the Linux appliance and MSSQL on a Windows 2008 server?
View ArticleIIS W3C Log Collection
Hey guys, I am having trouble with The Microsoft IIS Web Server 7.0 and 8.5 connectors. No events, other than tool START and STOP events, are being generated in LEM. The file paths I'm using for either...
View ArticlePros & Cons of encrypted (bitlocker) removable media and LEM
Our team has been working on some rules to mitigate threats from removable media. We have had good success with file monitoring, read/writes, and actively responding to executable attempts from flash...
View Articlefailed logon every 15 minutes
I receive a failed logon every 15 minutes from the same user account. This user is out of site and it does not seem like an interactive logon. Any ideas?
View ArticleCisco ASA and syslog severity levels
What severity level is recommended for Cisco ASA? Thoughts? We are seeing dropped connection and this feels informational. Cisco ASA 5500 Series Configuration Guide using the CLI, 8.2 - Configuring...
View ArticleConfigure LEM to take Sophos UTM Syslog's
Hey All! We're trialing out the LEM product and so far we like it quite a bit (from a Windows/Linux collection, reported, etc. perspective) but we're having problems adding network equipment. I've...
View ArticleMonitor ExtendedEvents and SQLAudits in SQL Server
There is a good discussion on how to use an old deprecated approach to monitoring SQL Server (audits) that uses a trace (SQLAuditor.exe) but the trace misses much of the information required by the...
View ArticleBlacklist & white list traffic on solar winds LEM agent
Dear All, Can we modify configuration of solar winds lem agent to send only specific traffic and blacklist other traffic.i.e we will able to blacklist traffic based on specific keywords upon which LEM...
View ArticleShare your LEM rules for 500 THWACK points!
Hello!The LEM team is working on a new way to build rules. To fully test out this idea, we need a couple examples of complex LEM rules. If you post an example here (or email me at...
View ArticleNon-Business Hours Filter Not Actually Filtering
I am trying to configure a filter to identify logon events that occur outside of business hours. I followed the below article on configuring Time of Day Sets, but LEM is capturing all of the login...
View ArticleNew vCenter connector not for VCSA ?
Hi, there is a new vCenter connector available for LEM, but only as an Agent Node connector, not an Appliance connector. Was this only meant for vCenter installations running on Windows Server ? If...
View ArticleMonitoring Windows firewall rules in Windows Server 2008?
Is there a connector for collecting events related to Windows firewall rules changes in Windows Server 2008? The events produced in the Security log leave a lot to be desired. They indicate what rules...
View ArticleLEM vs ManageEngine
I am looking for a Even Log application that will help me comply with PCI DSS compliance. I have not used LEM but have used ManageEngine AD Audit Plus. Can anyone compare and contrast the applications...
View Article