Apache Tomcat for LEM
Hello, I have a few questions with regards to Apache Tomcat for LEM. Has anyone updated the version of Apache Tomcat on their SWLEM server? Another issue is that entering an incorrect address gives the...
How do I add a static route in LEM 6.0
Hey guys; can someone tell me how to add a static route in LEM 6.0. For security reasons I run 2 firewalls, one is my default gateway which handles 95% of my servers and one is my backend firewall...
Apache Flex BlazeDS XXE Injection Risk
According to Support: "Apache Flex BlazeDS XXE Injection" We have implemented a fix for an XXE vulnerability to LEM 6.2.0 HotFix 2 and we suggest upgrading and performing the scan again. We recommend...
Email Notifications How-To
Hey All, Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
nDepth Searches very slow and time out
I am having consistent problems with slow nDepth searches that often time out on one of my LEM appliances. I have called SW Support and thus far they haven't been able to find anything wrong with my...
File writes to usb
Hi I have a need to create a rule that sends an email when: The user is a member of an AD group "LEAVERS" AND they copy files to a usb device The email should ONLY trigger once and if possible have...
I see the alerts, but my rule doesn't fire
Hi, I enable the PortScans Rule and it's firing, but when I enable the other, like the Attach USB Device rule, it shows in the monitor but the rule can't fire. Please help me on this.
Pros & Cons of encrypted (bitlocker) removable media and LEM
Our team has been working on some rules to mitigate threats from removable media. We have had good success with file monitoring, read/writes, and actively responding to executable attempts from flash...
RECOMMEND LEM ON SPREAD THE WORD FOR A $25 AMAZON GIFT CARD!
Let the community know how impressed you are with LEM and earn a $25 Amazon gift card! Simply post your review in Spread The Word with the questions answered below: What was life like before...
Three known security issues in LEM 6.2.1
The issues below are documented in a SolarWinds Case opened on February 18. I am still waiting for a fix and/or an estimated time to fix. I did talk to a person in Lehi yesterday that is going to...
Edit rules with email alerts setup
Is there an easier way to see what rules are set to alert via email or do I have to go to each enabled rule and see if subscription is set with email user? I have a few rules that are firing alerts and can't...
AD authentication in LEM
I have been asked to configure LEM to use Active Directory credentials for users to log on with. I have the Directory Service Query tool configured per the documentation, and have added both a...
Does anyone know what this error means?
Event NameEventInfoInteralErrorErorr not recognizedDescriptionpostBufferData unhandled error I started seeing this event in LEM a couple of days ago, not sure what it means or what it is trying to tell...
Is there a way to monitor CD rom drive usage?
Is there a way to monitor/notification of CD rom drive usage? So far I can not figure out a way. There are no services that I can think of to monitor. Any ideas would be helpful. Thank you.
User Defined Group by IP Range?
Is it possible to create a user defined group for an IP range? Does it accept full RegEx? I am trying to create a UDG that represents each of my clients and it seemed the best way to do that would be...
LEM filtering for System Name versus IP
I often need to search for logs across a specific set of nodes managed by LEM, when doing this I normally use the "DetectionIP" as the key field. The problem that I am running into is I can't use the...
Port Scan - LEM
Hello, I have created a Firewall Logon Failure with Inference notification. An email notification was added to the actions which was followed by several notifications being sent out. Checking the...
All Domain Controller Events Filter - zero ???
I am looking in Filters > IT Operations > All Domain Controller Events. This count is 0 (zero). I have installed the LEM agent on all of our Domain Controllers (3 of them). Build > Groups I...