Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager

Re: SolarWinds LEM Log Ingestion for NGINX Servers & Core FTP Servers


Hi

 

The LEM application currently supports only the Error log for NGINX and, as jrouviere highlighted, uses the LEM agent to collect the file-based logs.

 

NGINX also has a content log, but this will require a connector to be created to support the collection of this log data, as the format and definition of the log messages are different to the Error log. The Core FTP application is also not supported out of the box and will therefore require a custom connector to be created.

 

SolarWinds themselves are the only ones able to create a new connector and therefore a case will need to be created requesting these. The connectors, to be clear, are definition templates which tell LEM how to parse the event message data into the normalised fields available within LEM. They also map the events into the categories, so for example a login failure attempt to the application will be placed in the Logon Failure category. This capability is very much what a SIEM solution is there to do: to provide a searchable and structured data set against the wide range of log message formats and output.

 

The following SolarWinds KB article provides information on the creation of a new connector request:

 

Submit a request to SolarWinds for a new LEM connector - SolarWinds Worldwide, LLC. Help and Support

 

Mark Roberts

Prosperon - UK SolarWinds Partners

Installation | Consultancy | Training | Licenses
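
The parse-and-categorise step the reply describes, as an added example that is not part of the original post and is not LEM connector code: it turns NGINX error-log lines into normalised fields and places basic-auth failures in a Logon Failure category. The field names, the "Uncategorised" label and the sample lines are assumptions made for illustration.

```python
import re

# NGINX error-log layout: "YYYY/MM/DD HH:MM:SS [level] pid#tid: [*conn] message"
LINE_RE = re.compile(
    r"^(?P<time>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) "
    r"\[(?P<level>\w+)\] \d+#\d+: (?:\*\d+ )?(?P<message>.*)$"
)
# Messages NGINX writes when HTTP basic authentication fails.
AUTH_FAIL_RE = re.compile(
    r'user "(?P<user>[^"]*)"(?:: password mismatch| was not found in )'
)
CLIENT_RE = re.compile(r", client: (?P<client>[^,]+)")


def normalise(line):
    """Return a normalised event dict, or None if the line is not in error-log format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # unknown format: surface it rather than guess at fields
    message = m["message"]
    client = CLIENT_RE.search(message)
    auth = AUTH_FAIL_RE.match(message)
    return {
        # Hypothetical field names, not LEM's own schema.
        "time": m["time"],
        "severity": m["level"],
        "source_ip": client["client"] if client else None,
        "user": auth["user"] if auth else None,
        "category": "Logon Failure" if auth else "Uncategorised",
        "raw_message": message,
    }


# Constructed sample input (documentation IP ranges and .test host names).
SAMPLE_LINES = [
    '2024/03/05 10:15:42 [error] 2217#2217: *18 user "alice": password mismatch, '
    'client: 203.0.113.7, server: files.example.test, request: "GET /admin/ HTTP/1.1"',
    '2024/03/05 10:16:01 [error] 2217#2217: *19 user "bob" was not found in '
    '"/etc/nginx/.htpasswd", client: 203.0.113.7, server: files.example.test',
    '2024/03/05 10:17:30 [error] 2217#2217: *21 open() "/var/www/html/favicon.ico" '
    'failed (2: No such file or directory), client: 198.51.100.23, server: files.example.test',
    # A line in a different log format: the error-log definition does not apply to it.
    '203.0.113.7 - alice [05/Mar/2024:10:15:42 +0000] "GET /admin/ HTTP/1.1" 401 179',
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(normalise(sample))
```

The last sample line returns `None`, which is the situation the reply describes: a log in a different format needs its own parsing definition before its events can be normalised and categorised.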


