LEM 6.1.0 new nodes
With LEM 6.1.0 Can you easily see new nodes or workstations on your network that do not have the LEM agent installed?
View ArticleEmail Notifications How-To
Hey All,Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
View ArticleForward LEM events to another SYSLOG.
My client would like to forward all events from our LEM to another syslog that will be analyzing data alongside LEM. Is there a way to push events from the LEM appliance to the syslog? Everything is...
View ArticleBasic Log filtering in LEM?
We are evaluating LEM as a possible replacement for our Juniper STRM syslog appliance. We would be using it for basic log aggregation, monitoring and reporting. So far I like the basics of the LEM...
View ArticleHow do I import my CA's certificate into LEM?
We project the LEM console on a 72" TV. The console is constantly giving SSL prompts whenever it refreshes. In addition, SSL vulnerabilities are constantly showing up in our security scans - false or...
View ArticleSuccess Stories of gaining operational value from LEM
I would really love to hear specific success stores of where people have gained operational value from LEM. I am hoping that by sharing some stories or examples we might all be able to gain new...
View ArticleHow do you export a list of the current rules?
As part of the audit process we are looking to be able to run a report that will show the current rules being use. This will be used with the rules audit report. The ultimate goal is to so what rules...
View ArticleFortinet 1000c as analyzer
Hi Team, We have fortigate 1000c firewall and we want to send syslog to our LEM, but fortigate send logs to fortinet analyzer 300D only. After that configuration setup, we cannot see any log came...
View ArticleClik here to view.
Network Devices Node Ip and node name disapeared
Dears,Kindly note that this issue happening with the majority of the nodes (Network Devices) as attached in screenshot IP and Devices Name disapeared .
View ArticleArista Switch Connector?
I don't see an Arista Switch connector in LEM. Does anybody know if any of the other connectors will work for this? If not I would be happy to submit a feature request for this connector to be added.
View ArticleGetting access to Windows log files on Siemens PCU50 running restricted WinXP
Does anyone know if it is possible to use LEM to monitor events on restricted Windows XP device.The device is a PCU50 from Siemens, and there are12 similar devices on our company LAN that act as HMI...
View ArticleDon't Miss This Month's Thwack Mission - Security Scavenger Hunt
Hey folks, You may not have seen this so I thought I'd bring it to your attention. This month's Thwack Mission is all about LEM - sending you on a scavenger hunt through videos, pages, and even the LEM...
View ArticleTop 6 SANS Essential Categories of Log Reports 2013 in LEM
SANS released an updated list of their critical log categories recently. Some good recommendations especially if you're new to log management. The 6 Categories of Critical Log Information How easily...
View ArticleAgent Ports
Is it possible to change the ports the LEM and Agent use for communication? i.e. change 37890-37892 to a single static port? (DISA STIG)
View ArticleFiltering out multiple items
I'm in the process of creating a filtered version of the "All Events" filter in the Monitor tab. I'm trying to filter out certain things that I don't want to see, but am having an issue. As you can see...
View Articlenode license issue
I'm deploying the LEM agent to a good amount of nodes (mix of win 7 and win 2008). Every so often I will deploy an agent, the machine will show up in LEM but show as disconnected and also as a...
View ArticleNetapp Clustered Data ONTAP CIFS auditing to LEM
NetApp Clustered Data ONTAP creates audit log files on a file share (as far as I can tell it is not able to send the log information via syslog or snmp etc). Does anyone know whether and if so how it...
View ArticleCan't connect to Appliance
I have a LEM appliance that I can't connect to with either the LEM Console or via Web. I can connect via sshIt is pingableI can reach a second LEM (same subnet) with no issues. I have reconfigured the...
View ArticleService Release Agent Install Error
Downloaded the service release and attempted to install on Server 2012 file box, but get an error that I 'cannot run the installer in this UI mode', and to specify -i with the appropriate mode. I do so...
View ArticleMSSQL Auditor Functionality
Hi, Can anyone tell me what level of auditing is provided by this agent? WIll it pick up if someone modifies data using a query window? Thanks,Todd
View Article