Channel: THWACK: Popular Discussions - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5911 articles

File Size

Is there a way for you to see properties like the size of a file? I know that you can see the name of a file when an event like FileRead or something else happens, but I can't seem to have access to...



Alert Monitoring For New Events That Begin Flooding

We are currently implementing generic rules per category per server which will get triggered when 5 events (in a specific category) get logged on a specific server within the past 30 minutes.  However,...



NetApp Clustered Data ONTAP CIFS auditing to LEM

NetApp Clustered Data ONTAP creates audit log files on a file share (as far as I can tell it is not able to send the log information via syslog or snmp etc). Does anyone know whether and if so how it...


LEM MSSQL Auditor need more logs verbosity

Hello there, Cannot figure out how to configure what MSSQL Auditor sends to LEM. I have edited default SQL Profiler trace file and now I can see all events needed on agent's log file but not on LEM...


Login failed LEM reports

I am trying to get all log messages from the LEM reports. I installed the Reports and Crystal runtime file on my computer which was not a big issue. But every time I try to add a manager I can't ping...



MSSQL Auditor Functionality

Hi, Can anyone tell me what level of auditing is provided by this agent? Will it pick up if someone modifies data using a query window? Thanks, Todd


LEM events

Hi, I'm new to LEM. How do I troubleshoot nodes that show last events were recorded some days ago?



linux server agent and syslog/connectors

Why do Linux servers need both an agent and syslog setup? It appears Linux servers need to have samba, selinux, sudo etc. set up.



How do I harvest Windows syslogs from Kiwi?

I've been looking at a previous thread (http://thwack.solarwinds.com/message/169428#169428) about pulling Cisco ASA logs from a Kiwi Syslog Server, and I'm trying to do the same with Windows logs that...


TriGeo Alert - Disk nearly full

I started receiving these LEM email alerts and I am not sure if it is saying my LEM c: drive and what I need to do.  This is the message: disk c: nearly full at 2016-05-11 10:07:00.0 There is no other...


task category - event details

Where do I see the task category in event details in LEM?


Adobe Flash zero-day

Any concerns here for LEM users? Adobe Flash zero-day patch is out…for the third month in a row – Naked Security



Incidents created when manager logs in as root for cron

New to LEM... we enabled a bunch of default rules. Every 15 minutes or so, incidents are created from events automatically happening on the manager. The rules that are firing to create the incidents...


Firewall Shun

Hi there. Anybody know if it is possible to create an alert for devices which are shunned by the firewall? Thanks



AD authentication in LEM

I have been asked to configure LEM to use Active Directory credentials for users to log on with. I have the Directory Service Query tool configured per the documentation, and have added both a...


Threat intelligence feed logs

We have a rule set up to use the TIF thusly: We're getting alerts from Bad Folks™ trying to hit our outside IP, but that's happening all the time -- a good portion of the reason one doesn't put an...


software installation/installation operation event

I am getting multiple "software install" from a single user. The providerSDI are all MSIInstaller 1035. The install operation states: Configuration change completed with status 0. Thoughts?
