Email Notifications How-To
Hey All, Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
LEM CSV files are corrupt 100% of the time
We are running LEM 5.7. Ticket 810492 has been opened. Under explore/nDepth we try to generate CSV files for some date ranges. No matter what the date or duration is, the files get produced. They are 100...
LEM Reports - Scheduled Reports - Potential Bug
Hi All, Has anyone else experienced this potential bug in LEM Reports where a scheduled report task is not visible once LEM reports has been closed and opened again? Click Schedule, create a task,...
LEM vs ManageEngine
I am looking for an Event Log application that will help me comply with PCI DSS compliance. I have not used LEM but have used ManageEngine AD Audit Plus. Can anyone compare and contrast the applications...
LEM and Juniper SRX 550
Hi guys, We have Juniper SRX 550 running Junos 12.1 X44-D40.2 and I'm keen on monitoring the syslog or other log for this appliance. Any suggestion? Thanks, Vonny
Repeated Attack - Multiple Detection Sources
I have a request for the following rule to be made: Repeat Attack-Multiple Detection Sources. Goal: Find hosts that may be infected or compromised detected by multiple sources (high probability of true...
Success Stories of gaining operational value from LEM
I would really love to hear specific success stories of where people have gained operational value from LEM. I am hoping that by sharing some stories or examples we might all be able to gain new...
Can’t set correlation for received SNMP Traps
Hello, I have problems with setting up Rules for SNMP Traps received from SolarWinds. SNMP Trap connector is set: Filters for traps were created: and I can see received SNMP Trap messages: Rules section:...
Trigger rule based on time of day
Is there a way to trigger a rule on a schedule? Basically I have a rule to trigger an email alert then adds the offending machine to a user defined group, as to not continue to get the alerts. But I...
Log Event Manager issue
Please help me: how could I add the node in LEM? Even though I configured the Cisco switch with the following parameters: logging on, logging host 192.168.2.1. But I am unable to add the node in LEM. What other...
IronPort Web Security Support
Hello, I saw in the release notes that IronPort Web Security is now supported. I've done some brief looking to see how to get the data there with no luck. Does anyone have any suggestions on how to...
How to detect SQL Injection Attacks?
I am curious how you would configure a LEM correlation rule to capture a SQL injection attack? I see that there is a User Defined Group called "XSS and SQL Injection Vectors" but I am not sure exactly...
Top 6 SANS Essential Categories of Log Reports 2013 in LEM
SANS released an updated list of their critical log categories recently. Some good recommendations especially if you're new to log management. The 6 Categories of Critical Log Information How easily...
Monitoring Microsoft Endpoint Protection
We are using Microsoft System Center Endpoint Protection on our systems. I would like to be able to monitor our systems for a few specific things related to this. Systems failing to remediate an...
new syslog node
Hi, we have a Netasq Firewall in our network. It is not valid in the node vendor option. How can I add it? Thanks
Check out the LEM Contest - Submit a Cool Rule for Chance to Win a Cool Prize
Hey LEM folks, We've just put up a new Thwack contest you might be interested in: Rule Your Log Data Contest. Create or tweak an existing rule to do something cool, submit it to the contest, and you're...
LEM not displaying Events in All Events Filter
I need a little help troubleshooting LEM. Reviewing the All Events filter, I noticed LEM stopped displaying new events in this filter around 08:01. Issuing the diskusage command, I saw the Console...
Ideal system requirements and settings for LEM
I wanted to check and see what other LEM users thought about this. We started out with the standard recommendations of 8GB memory and 250GB hard drive space. We're up to 150+ servers and tracking data....
iSeries & Lem/ Lem and Hardware requirements
I have barely over the minimum on our server to run LEM; just got it running in our environment for about a month. We currently have an iSeries agent sending logs and about to add a second...
LEM Reporting - How to build reports on explicit data-sets?
I was wondering how I can use the LEM Reporting software to create reports on explicit data-sets. I am familiar with how I can run a report, use the Select Expert to filter on specific items and then...