Help needed - What Justification did you guys use to get your company to...
What Justification did you guys use to get your company to approve LEM?
View ArticleLog Event Manager issue
Please help me that how could i add the node in LEM even i configured the cisco swtich with following parameters logging onlogging host 192.168.2.1 But i am unable to add the node in LEM. What other...
View ArticleHow to import Windows events logs into LEM
Hi, We have two Windows 2003 domain controllers that are remotedly hosted; however, they are part of our local AD. That is, we have two remote DCs and two local DCs all administrating a single AD...
View ArticleNetwork monitoring
My manager wants us to monitor the network for peaks network usage during the week and the duration of those usages, can anybody help me with this? I have tried everything I know but keep coming up...
View ArticleLEM Report/Alert for Cisco ASA VPN Usage
We would like to create a report for VPN logins/logouts and also have a real time alert for when someone is logged in or out. The device is a Cisco ASA. Any help on whether this is possible or not...
View ArticleLogin Failure Doesn't Detect IP
I have a Rule setup in LEM to detect failed logins, after 5 failed logins in 5 minutes the Source Machine will be added to a User Defined Group as a Suspect System. I have a 2nd rule that will look...
View ArticleLEM keeps freezing
Hi all, Pretty noob to LEM.... Our LEM seems to freeze every now and then....Is there a way of setting up a cron job to either re-start the manager service or reboot the appliance nightly or every...
View ArticleLEM in multiple Microsoft AD Forests (as opposed to multiple domains)
Due to several statutory requirements, we are finding ourselves in need to dividing our existing Microsoft AD forest into multiple separate and distinct forests (as a domain is not a security...
View Articlelast event over 5 days old
Our VMfarm had issues 5 days ago. The LEM server was on the VMfarm and appeared to come back online. When we went into LEM today, all of the nodes are showing last event of 5day or so. I do not see a...
View ArticleLog Event Manager issue
Please help me that how could i add the node in LEM even i configured the cisco swtich with following parameters logging onlogging host 192.168.2.1 But i am unable to add the node in LEM. What other...
View ArticleLEM filter issue
Note: The conditions for the default firewall filter read, Any Alert.ToolAlias = *Firewall*, where the asterisks serve as wildcard characters. If the alias defined in Step 5 does not contain the word...
View ArticleHow to capture failed 'Run as Administrator' events on a Windows domain?
Does anyone have insight into how MS Audit Policy can be used to capture failed 'Run as Administrator' attempts without having to install LEM agents on all workstations? I've been attempting to...
View ArticleLEM Windows Agent MSI Package
Good Morning, I have recently adopted LEM and was looking at rolling the windows agent out via group policy. Is their a MSI version of the windows agent available to download or any way of wrapping...
View ArticleLEM in multiple Microsoft AD Forests (as opposed to multiple domains)
Due to several statutory requirements, we are finding ourselves in need to dividing our existing Microsoft AD forest into multiple separate and distinct forests (as a domain is not a security...
View ArticleFilters best practices
hello ... I am new to the SIEM tools and a fresh graduate from collage. we are implementing the LEM tool in our company and my boss asked me to find the best practice for the filters, meaning what are...
View ArticleIIS 6 & 7 logs into LEM
We've tried to configure 3 servers to get IIS to log into the LEM without success. 1 server is running Server 2008 with IIS 7. 2 servers are running Server 2003 with IIS 6. I believe that we have the...
View ArticleNew to LEM - backing up database?
Hello.We will soon be deploying our first LEM server and I've got a couple of questions about backups. Am I right in thinking that there's no option to do any sort of incremental or differential backup...
View ArticleClik here to view.
Directory Service connector issues
I was wondering if anyone has had extensive experience trying to get the Directory Service connector to work correctly in LEM 5.7. I have had an issue where the Connector throws Internal Warning...
View ArticleDifficulties with LEM. This product need more documentation and resources....
We have been using LEM this product is very difficult to configure and analyze. We have been using this product for about a year and due to minimal documentation and resources we have...
View ArticleUpgrade to 5.7 while database is migrating from 5.5 to 5.6?
Hi all, new to LEM as I inherited a 5.5 virtual appliance at my new gig. I just upgraded to 5.6 and the database is in the process of migrating to the new format. Can I upgrade to v5.7 while the...
View Article