Issue with custom LEM report
With the new 5.6 Upgrade, it appears to have broken some custom reports we created. Whether that's just my error or not, I don't know. I got login errors when I tried to view them, which led me to...
View ArticleClik here to view.
Managing multiple LEM appliances
As we expand our number of LEM appliances I am finding I need a method for centralized management and I am curious what the best way to do this would be? We are a solution provider that implements...
View ArticleMultiple Failed Login attempts by different users but same IP
Does anyone know how to setup a filter and/or rule that will notice multiple failed login attempts by multiple users (before account lockout) originating from same IP within a certain time frame?...
View ArticleTripWire Connector: How to use?
We have setup a TripWire Enterprise server on a Windows system and I would like to see how the TripWire connector in LEM works. It's not immediately clear to me which logs I should be pointing this at...
View ArticleLEM and Deep Packet Inspection?
Now that SolarWinds has rolled out Deep Packet Inspection with NPM is there any possibility in moving that capability over to LEM? My reason for asking is because I am curious if LEM has a possible...
View ArticleLEM Thoughts of the Week: How do your Security, Network, and Systems teams...
Okay, so it's not exactly "of the week" when it's been a while since I posted the last one. We're back from our temporary lack of good ideas for discussion. Lately we've been thinking a lot about how...
View Articlesnort output server setup
I have a physical snort box, and I am trying to get it to send logs to my SolarWinds LEM, I set it to the output to the IP of the SolarWinds LEM but it doesn't pick up anything. I am using OpenSuse...
View ArticleBest way to backup Log & Event Manager?
We use Acronis vmProtect to backup our virtual machines and one of the problems I have is the ability to backup the Solarwinds Log & Event Manager virtual appliance. We get the same error from...
View ArticleMonitor specific event ID using LEM
Hi, How can I monitor specific event ID and send email alert when that event occur. Let say I want monitor when a service stop in Application log and send an email alert. your guidance are very much...
View ArticleManaging multiple LEM appliances
As we expand our number of LEM appliances I am finding I need a method for centralized management and I am curious what the best way to do this would be? We are a solution provider that implements...
View ArticleLEM Filters & Alerts Technical Reference
Hey All, I wanted to make you aware of a new document we've posted up on the docs page titled "Using SolarWinds Log & Event Manager (LEM) Filters & Alerts". This document is focused on...
View ArticleUsing a Threat Intelligence Feed with LEM?
I am curious if anybody out there is using LEM in conjunction with a Threat Intelligence feed? I realize that LEM doesn't currently accept any of the feed protocols; however, I have seen that some...
View ArticleLEM and Deep Packet Inspection?
Now that SolarWinds has rolled out Deep Packet Inspection with NPM is there any possibility in moving that capability over to LEM? My reason for asking is because I am curious if LEM has a possible...
View ArticleLEM: Create notification of AD account lockout
How can I setup a notification alert when a user is locked out of Active Directory? I am using SolarWinds Log & Event Manager 5.4 Thanks
View ArticleRule Request - Admins Browsing the Web
I need a rule that checks for admins logging on servers and browsing the web. Is this possible?
View ArticleLog Event Manager issue
Please help me that how could i add the node in LEM even i configured the cisco swtich with following parameters logging onlogging host 192.168.2.1 But i am unable to add the node in LEM. What other...
View ArticleHow do I get MAC addresses in an alert when an AP goes down?
I am having trouble getting the MAC address for an AP in an alert when the AP goes down. I am using ${AP_MAC} but it's coming out blank. Does anyone know how to get the mac address? Thanks, Nuruddin
View ArticleSophos blocking lem webpage
bHello everyone, my enterprise is using Sophos endpoint security and when I attempt to login to the lem web page I click connect the small bar that shows up bellow the button moves but it will never...
View ArticlePURGE DATA SOLARWINDS LEM
Hi Guysanyone know how i can purge growing data (logs) for maintenance the appliance??Regards
View Article