LEM integration with other Analytic tools
We have a LEM deployment that covers over 500 nodes of varied types - Checkpoint Firewalls, IBM ISS Intrusion Prevention Systems, McAfee EPO AntiVirus & DLP solutions, Multiple Syslog servers,...
LEM
I want to know how LEM can provide details about the points given below: Microsoft Windows Active Directory Server; Unusual Login Activity (from different locations/country); Unauthorized Password...
Audit Log: Review and Define Priority
Hi team, I have a client that requested 1. the procedures and guidelines on how the review of these audit logs should be conducted 2. the criteria for defining and prioritizing critical audit logs to be...
Mystery Nodes - LEM
I am having mystery nodes added and I have no idea how to get rid of them. See screenshots below. I moused over the line to get the pop-up showing the full string. Also note that another entry,...
USB Local Policy configuration
Hello. LEM is still pretty new to us. We took a different approach to USB blocking. Instead of a white list, we created a black list and a list of allowed users based on AD group. So the rule looks...
Node/agent with no connector
If there is a server node with no connectors, shouldn't the LEM not normalize/receive logs? I have an agent where filters are still capturing events for a connector after the connector is removed....
Using nDepth explorer to create on demand tables/charts
Hi, I'm new to LEM, coming from a Splunk background. I'm trying to search through some ASA logs that are being sent to LEM, but I'm having trouble getting what I want out of the nDepth explore...
Not able to add Cisco IPS node on LEM
Hi, I have configured Cisco IPS and LEM as per the manual, but when I try to add the Cisco IPS it doesn't get added on LEM and I get the following message on the LEM monitor window: javax.net.ssl.SSLHandshakeException: Remote host...
LEM Connector Updates
It appears when using the console for auto-updates of LEM connectors, it's trying to go out port 80 to Akamai CDN. Is it SolarWinds' recommendation to allow the server outbound port 80 to any...
Server Disk C monitoring - Alert
What is the best and easiest way to set up a rule to get an alert on any server disk C used up to 75%? I do have it set up for the LEM appliance with heartbeat but not sure how to get all our servers...
Getting Events from Network Devices
What protocol does LEM use to get logs from routers, switches, and other network devices?
LEM: Is there a way to delete old data from the alerts database and/or set...
I have close to two years' worth of data in my LEM now. I'm also experiencing slow response times and/or timeouts when executing nDepth searches. I'm guessing this is directly related to the size of...
Data Compression
Does the LEM agent perform both data normalization and compression? If yes, how much compression is done by the agent before it sends data to the LEM manager? In my case, I would be pointing Firewall to send...
thwackCamp videos are live! Sessions on LEM and Security
(original post) Hey everyone! In case you've missed the announcements or mostly stuck just to your areas of interest on Thwack, here's a reminder about THWACKcamp 2015 this week. For LEM customers and...
Palo Alto and Fortigate Logs
Hello Everyone, I am using Palo Alto and Fortigate virtual appliances and testing them with LEM. I observed that most of the event information goes into the Extraneous field in LEM's normalized events....
LEM nodes don't delete
Recently updated our LEM to 6.2.1. We are seeing nodes that have been retired, but still on the network. We delete them but they magically return. Anyone know how to fix this behavior? Thanks, Ken T.
LEM Not On DHS CDM Product Catalog List! Why Not?
I work for a federal agency, and we are being directed to utilize tools off of the new Homeland Security Continuous Diagnostics & Mitigation (CDM) product catalog, and while I see SolarWinds NCM...
LEM Web Console
Hi, I'm unable to log in with a web browser ... it says invalid login ... I've tried admin and password ... it's not working. Any help? A bit urgent.