No log event in MONITOR tab
Hi Team, Need your assistance.Upon checking on my LEM console, we have seen the logs under OPS tab, but in MONITOR tab there is no event log on all filtered categories/event (0). Please advise. Initial...
View ArticleReporting LEM 6.1.0
I just thought I would see what others run into when running reports. I'm running a report on a monthly basis for all Remote Access events. It generally is only 2-3 pages long. I'm running it on a...
View ArticleReports
Is it possible to create your own report in the LEM Reports application?I want to run some reports of a few filters that i have created, but don't see any report tittle related to this. For example i...
View ArticleDoes anyone know if LEM supports VMXNet3 NIC from VMWare
Everyone; My supervisor asked me if LEM supported the VMXNet3 NIC provided with VMware tools. If someone knows please respond. Thank You All Steve
View Articlegroup changed "builtin\administrators" security enabled local group
Hi,I'm fairly new to LEM, loving it so far! Since I had set it up, the following alert "group changed "builtin\administrators" security enabled local group at" has been triggering every 15 - 20...
View ArticlePBX
Hi, We are using Sangoma free PBX that is installed on Linux.Is it possible to receive log and events from the PBX?If so. Which connector do i have to use for this?
View ArticleClik here to view.
LEM - email template
I have created the email template to trigger in the case of server logs being cleared. The rule fires fine and sends me an email, but all I get in the email body is a very vanilla bit of content with...
View ArticleLogon failed while running LEM reports
Hi, After installing Log and Event Manager Reports, while running a report, its showing this error: Logon failed. Error code: -2147189176, What is this error and how can it be resolved so I can run...
View ArticleHaving problem to add Trend Micro Interscan Web Security to LEM
Hi all,Does anybody using LEM to proccess logs from Trent Micro Interscan Web Security? I am having problem to monitor logs from TM Interscan,
View ArticleLEM - Logon "NT AUTHORITY\ANONYMOUS LOGON"
Hi Team, We would like to seek on your assistance regarding on this. We are seeing anonymous logon came from the LEM, and as per checking on the target computers all the Users currently logon was legit.
View Articlegroup changed "builtin\administrators" security enabled local group
Hi,I'm fairly new to LEM, loving it so far! Since I had set it up, the following alert "group changed "builtin\administrators" security enabled local group at" has been triggering every 15 - 20...
View ArticleEmail alerts to destination or source user accounts?
Are email alerts limited to users created within LEM or, is it possible to target the destination or source user accounts of an event? One use case for this is multiple logon failures which an end...
View ArticlePrint Services for Windows Monitoring
Hello:I was hoping someone could help me out in getting PrintService logs from our Windows 2008 R2 print server into LEM. We are currently running LEM 6.1Here is what I have done so far:I enabled the...
View ArticleWSUS events
Hi Guys, Is it possible to receive events from a WSUS server?I am using the Vista Security connector, but i only get userlogon/logoff, machine logon/logoff events and actually that is not what i want....
View ArticleHow are logs normalized?
Hey guys, I'm fairly new here and am still learning the swing of LEM. A big issue I'm having is that I'm not able to find the specific logs I'm looking for because I do not know how LEM organizes...
View ArticlethwackCamp videos are live! Sessions on LEM and Security
(original post)Hey everyone! In case you've missed the announcements or mostly stuck just to your areas of interest on Thwack, here's a reminder about thwackCamp 2015 this week. For LEM customers and...
View ArticleLEM manager OS (Linux) admin account info
how would I find out the admin account info on LEM manager server? is this a support call? thank you,
View ArticleAgent Offline Rule- recieving alerts but server is up
this is a rule came in the box and until last couple of days, we were only getting the alerts when servers actually getting re-booted after patch or manually. however, started getting alerts regularly...
View ArticleHow to: Create a notification of a port scan and/or sweep using LEM?
Good Morning All, 09/03/2015 - I have edited the title in an attempt to more accurately reflect the question. I would like to know if it is possible to create a Report,Filter, Rule, and/or Alert to...
View ArticleTop 6 SANS Essential Categories of Log Reports 2013 in LEM
SANS released an updated list of their critical log categories recently. Some good recommendations especially if you're new to log management. The 6 Categories of Critical Log Information How easily...
View Article