Trying to disable an email alert
I'm fairly new to LEM so bare with me. I turned on various email alerts as part of our implementation and as I find that they are not important I'm going back and turning some off. However, one still...
View ArticleLEM as an integrated compnent in a larger IDS/IPS system?
I am curious if anybody has done any work to integrate LEM as a component in a larger IDS/IPS system? If you have done something like this or have through of doing something like I this I would love...
View ArticleLEM - Mount error 13
I am able to mount a Windows share folder when I do a syslog export from LEM to my share folder.But when I try to do an archive job to the same share folder path using the same credentials, it gives me...
View ArticleEmail Notifications How-To
Hey All,Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
View ArticleConfiguring Cisco ASA Syslog to LEM
Hello all. New Net Admin here looking to get syslog events logging in LEM. So far, I have followed the configuration knowledge base: "Integrating Cisco PIX and Cisco ASA Firewalls with SolarWinds...
View ArticleMSSQL Auditor - Won't start with domain user
Hello, I'm fairly new to the MSSQL Auditor and I'm trying to get it working. I had it working with just a single server and I wanted to expand that server to monitor others. I added the other servers...
View ArticleIE Taking Forever To Load Your LEM Resolved
Put the ip address of your LEM or hostname into the Compatibility View Under Tools in Internet Explorer, that will resolve the issue.
View Articleemail alerts with more content
All, I'm trying to figure out if there is a way to get the email alerts from LEM to have more descriptive content. For example below is an alert I just got: writing configuration at 2016-01-13...
View ArticleFile Integrity Monitoring - So many events generated for a single file copy -...
I started using FIM today. I copied a single .exe file to C:\ on a system I monitor with FIM Connector. This generated 80 events with identical information. Is there a way to reduce the number of...
View ArticleLEM - Mount error 13
I am able to mount a Windows share folder when I do a syslog export from LEM to my share folder.But when I try to do an archive job to the same share folder path using the same credentials, it gives me...
View ArticleLEM Linux agent connects but no logs
I am struggling with getting a Open SuSE Linux server to log to my LEM. Details:LEM 5.4Linux Client 5.3.1Linux OpenSuSE 11.2 It installed and even connected to the console. I created the Pam, Audit and...
View ArticleFile Integrity Monitoring - So many events generated for a single file copy -...
I started using FIM today. I copied a single .exe file to C:\ on a system I monitor with FIM Connector. This generated 80 events with identical information. Is there a way to reduce the number of...
View ArticleHow does the "IsThreat" value determined?
Hey guys, I was curious to see if we can have the "IsThreat" boolean value signal true when an IP in a custom made group appears in an event. The problem is, I don't know how LEM sets the "IsThreat"...
View ArticleCan't connect to AD using Directory Service Query Tool
Hi all, Not sure what I'm missing here, but for the life of me I can't get LEM to connect to AD using the Directory Service Query Tool! The config needed seems to be simple enough, and I've read...
View ArticleLem, can you move an nDepth search into a rule?
First post here. Thanks for reading. Is there an easy way to export a search from nDepth into another area of LEM like rules? I am new to LEM and have been asked to setup some complex email...
View ArticleClik here to view.
How to get the LEM to recognize special characters in a filter or rule...
The Lem does not appear to recognize special characters within an event data field; an underscore for example. I am using nDepth to search the Windows UserLogon.DestinationAccount field for account...
View Articleextend LEM disk space
Hi all I want to know how to upgrade LEM disk space if its full., will LEM recognize the extended space or will I have to do some settings on LEM manager so it can refresh with the new extended disk?,...
View ArticleClik here to view.
General Guides I wrote up for performing some basic LEM tasks
My company just purchased LEM. While learning how to use use it and getting it set up, I had some initial trouble learning how to perform some tasks that may not be terribly basic, but also are not...
View ArticleLEM Keeps finding "0" account which doesnt exist?
I have a rule in LEM set up to tell me anytime an account fails to log on to a system. For the longest time since the rule was turned on, LEM keeps recording an account called "0" which is attempting...
View ArticleF5 ASM and LEM - is there a connector?
Anyone aware of a connector being available for LEM for F5 ASM? It could be great to get all the WAF logging over to LEM as opposed to just the management and LTM traffic. If there isn't one, anyone...
View Article