LEM Hardening
Dear All, We are running LEM 6.2.1 in our environment. IS team has run the internal vulnerability scanner in which we have found many vulnerabilities in LEM VM. Can anyone guide us how to fix that...
Login failed LEM reports
I am trying to get all log messages from the LEM reports. I installed the Reports and Crystal runtime file on my computer which was not a big issue. But every time I try to add a manager I can't ping...
Email Notifications How-To
Hey All, Since we haven't had any LEM discussions yet, I thought I'd post a quick how-to on setting up custom notifications. There's a couple of really common use cases for going beyond the out of the...
System Audit Policy Changed - 22 alerts
Combed the LEM documentation, couldn't find a clue (it might be in documentation somewhere, I couldn't find it after an hour of digging). This morning I got 22 TriGeo alerts in this pattern: system...
Configure LEM as a SYSLOG Server
Hi, I am currently configuring LEM to monitor a small industrial network (containing 12 devices). Firstly can someone please confirm that LEM is capable of receiving SYSLOG data. If so, is this a...
LEM Retention
How far back or how many events does the LEM store? Is there a way to access this information?
Palo Alto and Fortigate Logs
Hello Everyone, I am using Palo Alto and Fortigate virtual appliances and testing it with LEM. Observed that most of the event information goes into the Extraneous field in the LEM's normalized events....
LEM Agent on vmware template
Is it possible to install the LEM agent on our VMware templates so it's already in place during server deployments? If so, what are the steps/special instructions for making this happen. We want to be...
LEM Version 6.2.1 hotfix 2 restore - https down
I had removed a server node and wanted to just roll back to my configuration backup I had scheduled for Sundays to put the node and all connectors back. The restore was successful, but I did not notice...
FIM: identifying false positives
This question is not related to LEM, but I was wondering if there are tools out there which would help identify file (not just extension) to make the association if it's a false positive. There are plenty...
suspicious DNS traffic rule
We have recently added checkpoint and the "suspicious DNS traffic" rule is triggering incidents. We have identified the DC as per the templates but are trying to decrease incidents.
Unable to get E-Mails. How can I temporarily get the notifications from a Rule?
We are going through an e-mail migration and there have been some issues arising with the e-mails coming from the SolarWinds LEM product. I was just wondering if there is another way I can get that...
ndepth query
New to SW LEM and trying to figure out a way to drill into a file server from a few weeks ago. I'm trying to use nDepth from console and pick criteria correctly. Is there a max of how far back I can...
LEM Agent in DMZ Showing as Non-Agent Node
We have a public web server located in a DMZ. We recently installed the LEM agent on the server and opened the necessary ports in our firewall to allow it to communicate with our LEM appliance on the...
Ndepth scheduled search limit
I found the link below from SolarWinds stating the nDepth export for CSV at 500,000 events, however one of my scheduled reports only showed 50,000. Is this a bug? nDepth export to CSV/PDF limitation -...
How do I configure the SNMP community string for LEM?
I haven't been able to find the setting whereby I can configure the SNMP read-only community string for the LEM appliance, so that I can monitor its health/set up alerting etc through SolarWinds NPM. I...
Collect events from Novell eDirectory on SuSE
We are very new to LEM and are needing to collect events from our Novell eDirectory running on SuSE. Does anyone know how to do that? I have done a quick search for KB and not found anything. I...
Rules from a single host, from a single user ID
I need to create two rules that will alert on brute force attacks within specific time frame, one from the same source, and another one from the same user ID. I see the rule "Continuous Excessive Logon...