Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles



Re: Help us out - check out the LEM online demo

What resources is the demo using? How many CPUs and how much memory?



Re: LEM 5.6 Release Candidate Access

Hey Napoleon - a senior support staff member is going to follow up with you directly, and I'll check back myself when I get another spare second.


Re: Help us out - check out the LEM online demo

Event load is pretty low on the demo systems and it doesn't take too many resources to host multiple consoles, so they are all running on default reservations.


LEM SDK ?

How do I access the LEM database using a 3rd party tool? I would like to read table records from the raw database for ad-hoc queries, and display results in a customized format.



Re: Help us out - check out the LEM online demo

Thanks, BTW Gerald did a great job.... Demo works great for me on Chrome, Firefox and IE 8


Re: nDepth search for DestinationPort unsuccessful

I am using the web console. Let me see if I can track that down on the web version.


Re: nDepth search for DestinationPort unsuccessful

Ugh, that was real easy. I just went to the search builder and tracked down the TCPTrafficAudit event and sure enough, the DestinationPort field was right there, in front of my face. TY for your...



Re: nDepth search for DestinationPort unsuccessful

No problem; glad it helped!



Alert on Security event log clearing?

I've been poking around in LEM trying to figure out how to get this to occur; it should be as simple as searching for the Event IDs. We want to get an alert when the Security event log for Server...


Does LEM support IBM's RACF security and/or IBM's DB2 database security events?

Does LEM support IBM's RACF security and/or IBM's DB2 database security events? AND - does Solarwinds LEM have an Open-API? Thanks!


Re: Alert on Security event log clearing?

Someone else might have a better way to do it, but I detect these by a rule for ObjectDelete.EventInfo where the text info is '*audit log was cleared*'. This has worked for me, and hope this helps!


Issue with AIX Connector

Hello, We have an issue with the connectors assigned to the IBM AIX nodes because these connectors appear disconnected on the LEM console, we have reinstalled the agents, and reconfigured the AIX Audit...



Unusual or Suspicious Traffic

Can anyone explain what constitutes "Suspicious or Unusual Traffic" in the LEM? What causes a positive hit? Thanks, -Mar


Re: Unusual or Suspicious Traffic

I personally have found this to be the most difficult part of LEM; understanding what the different definitions (suspicious or unusual traffic for example) really are looking for. As far as I am aware...



Static Routes

Greetings, is it possible to add static routes to LEM? I've looked through the documentation, but am not finding anything.


Re: Unusual or Suspicious Traffic

The "unusual" alerts (Unusual Traffic, UnusualIPTraffic, UnusualProtocol, UnusualICMPTraffic, UnusualTCPTraffic, UnusualUDPTraffic), in my environment, are almost always inferred alerts. Inferred...



Re: Alert on Security event log clearing?

There's a default rule for this, look for "Windows Event Log Cleared". It has exactly the logic that ssei posted above.


Re: LEM SDK ?

Hi coreys, Currently there isn't a way to expose LEM data (config or events) via API. Our database requires a little extra "magic" to query the right areas of the database. You CAN use nDepth to search...


Re: Severity Levels: How are they determined?

The severity levels are determined by the categorization of the event - i.e. the "Event Name" and where it's located in the LEM event taxonomy. Most "Audit" alerts are lower severities while most...
