You are correct in that someone clicked on scan for new nodes.. I did however that shouldn't have added an ip address as a node for a system that is not on my network should it?
I mean it is only supposed to add nodes that existing on my network should it not?. (unless we have a tunnel of some sort to this outside node)
Deleting the node was what support had me do before and they didn't really give me an answer as to why the node showed up in the first place. If the product is broken or bugged fine let me know that... if my network has been compromised I need to know that as well... if this is how the product works (which seems extremely unlikely because this never ever happened before the update no matter how many times I scanned for new nodes), than let me know that as well.
Again I have no tipping point devices on my network.
I will do as you suggest and go through the logs and find out what the heck is going on because this is troubling.
I worked with support and we removed tipping point from the connectors and this removed the unknown node.. However this has just made things much worse for everything else.
I have some new nodes, (barracuda message archiver and meraki wireless access pionts) that are all being misidentified as tipping point connections. When i try to manually add them the LEM says nope these are tipping point connections.. I have spoken with both vendors and they have assured me that they have not suddenly changed their logging or connectors to tipping point so the problem is with the way lem see's these logs and misidentifies everything now as tipping point.
Followup:
Worked with support again and it appears the connectors might be the cause of the mis-identification. Support is checking to see if the devs can either point to the correct connector or update the connector setttings.