Pull in Exchange Auditing Logs
We just started demoing this product and believe we have the Exec's sold on it. They just want to see one more feature. I have tried a few different things and can't get it work, wondering if you can...
View ArticleNode name resolution in LEM
Running 5.4I have a handful of nodes that are not resolving the node name, just shows IP.I pinged the hostname from the SSH CLI in appliance mode and it worked properly.Pinging address...
View ArticlePotential Bug - LEM 5.6.0 User Defined Group Creation with multiple...
Using LEM Desktop Console managing two appliances (one 5.6.0 full, one 5.6.0 trial), attempt to create a user defined group and assign to the second appliance in the group. When saving, the selected...
View ArticleClik here to view.
lack of data
All my agents say they're connected - but I am not getting any data into the console? --Geff
View ArticleHigh CPU while at logon screen?
I'm not sure how this is using Adobe AIR, but when I open IE9 and simply go to the LEM web logon screen, my CPU spikes and consistently stays from 65% - 95% pegged. This is running the VM LEM and a...
View ArticleHow to set on LEMwhen the network loop happen
Hi All, In recently, network loop often has been happened due to mistaken operation by some users in office. So we has been recommended the LEM to collect devices' syslog and prevent from it again....
View ArticleSpace needed for archiveconfig
I have LEM 5.4 and plan to upgrade to 5.6. How much space do I need to allocate on my network share for 850gb? What is the recommended option when doing the archive? Daily, weekly, one-time?...
View ArticleIssue with custom LEM report
With the new 5.6 Upgrade, it appears to have broken some custom reports we created. Whether that's just my error or not, I don't know. I got login errors when I tried to view them, which led me to...
View ArticleGetting the second line of an event description
Some Window events have a second line in the event description (e.g. Windows 646). My LEM generates an email with the following: The User xxxxx had made the following modification: User FLEET$ account...
View ArticleInternalUnknownAgent SolarWinds Alerts???
I am getting a lot of InternalUnknownAgent Alerts under the SolarWinds Alerts filter. What are these alerts, are they serious, and how do I fix them? Couldn't find any info on them in the User Guide or...
View ArticleLog Print Success
I have a requirement to log print success. On our print server I can see individuals printing and whether they are successful or not. I have the agent installed on our print server (Windows 2008R2)...
View ArticleIn-line filter of Windows events from LEM agent
Hi All, I am new to LEM and currently getting up to speed with it's capabilities. As part of getting to grips with this product, I installed the Windows Agent to my Windows 7 workstation as a means of...
View ArticleError: General: search ended prematurely
errorAs I was running ndepth searches I ran into this error, all searches return this error, and all my home page widgets are broken (other than events per minute, user logins by source machine, and...
View ArticleError: Search finished prematurely
Aside from what the words say, what does this mean with regard to problems with the LEM? I got this for the first time today.
View ArticleNeed some help with AD group auditing
I'm using the built-in templates for monitoring group changes in AD. In this example, I'm monitoring a group creation event. Here is what my rule looks like. It fires correctly but the information in...
View ArticleNew groups in 5.6
If I recall correctly, one of the features on 5.6 was that it comes with some predefined groups and filters. I see these in the LEM appliance we upgraded in our Test environment (it now has Overview,...
View ArticleTracking AD changes in LEM
I'm fairly new to LEM. I"m trying to create a filter that will show me when someone makes a change to an AD group. Whether it be removing a user from this group or adding a new group altogether. Anyone...
View ArticleFilters best practices
hello ... I am new to the SIEM tools and a fresh graduate from collage. we are implementing the LEM tool in our company and my boss asked me to find the best practice for the filters, meaning what are...
View ArticleLEM Email Rule from a single node
I have been looking through everything and might have missed it. I am trying to setup a Rule that will notify me when 1 node has an event. For example I have it setup to email me when a user account...
View ArticleUsing LEM to log and report OWA authentication request events
Hello all, I am attempting to configure LEM to audit and report OWA authentication request events. As at time of posting, I have installed the agent to the Domain Controller and Exchange server where...
View Article