Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: LEM 6.1.0 new nodes

There are a couple of rules intended to look for systems (servers/workstations) that don't have agents using different kinds of activity we DO see via logs - "DHCP but no Agent" and "Authentication but...



Re: How do I import my CA's certificate into LEM?

Roman828 omarmadruga

Login to LEM appliance as CMC user using PuTTY with 32022 port
1. Once you logged as CMC user, type manager
2. Then type importcert (Note: you should CA certificate in network...


Re: LEM 6.1.0 new nodes

Thank you Nicole, I will try to put that in place……….Rick


Basic Log filtering in LEM?

We are evaluating LEM as a possible replacement for our Juniper STRM syslog appliance. We would be using it for basic log aggregation, monitoring and reporting. So far I like the basics of the LEM...


Re: Collect Raw Logs

With the disclaimer that I don't know what I'm doing, and might just be making it worse, here's an attempt at a generic connector band-aid: Generic Syslog Connector


Re: Basic Log filtering in LEM?

For people who are new to LEM and want to do a quick search, the best way is to go to Explore -> nDepth -> Change from Drag & Drop Mode to Text Input -> Type in search query (ex: IP) As...


Re: Fortinet 1000c as analyzer

You'd need to ask Fortigate that for a real answer, but I have seen people with the Analyzer and Syslog options set at the same time.


Re: Basic Log filtering in LEM?

I was able to get that far, and am able to get the raw data, but it isn’t very useful. Could I get a top ten list of blocked domains?



Re: Basic Log filtering in LEM?

I don't see anything in the screenshots you attached. Can you try again?



Re: Basic Log filtering in LEM?

I did not attach anything. I am just looking to be able to provide a report of internet use based on the syslog data from our Barracuda web filter device. Reporting on that data is the sole reason we...


Getting access to Windows log files on Siemens PCU50 running restricted WinXP

Does anyone know if it is possible to use LEM to monitor events on a restricted Windows XP device? The device is a PCU50 from Siemens, and there are 12 similar devices on our company LAN that act as HMI...


Re: Arista Switch Connector?

Is there a way that I can directly email you the log examples? I would rather not post them here in a public place. I can also just open a support ticket if that would make more sense?


Re: Arista Switch Connector?

Support would be a good path if that's the case, as that's where the request would end up anyway.



Re: Arista Switch Connector?

Sounds good; thanks curtisi!


Re: Top 6 SANS Essential Categories of Log Reports 2013 in LEM

Nicole, how do you update a UDG using a CSV file as you mention above? I followed the SolarWinds KB to modify a KB but I don't see an import option or another way to insert a CSV file. Thanks



Re: Top 6 SANS Essential Categories of Log Reports 2013 in LEM

There's actually a set of instructions here - Log & Event Manager v5.7 RC Now Available: Scheduled Searching, License Recycling, and More! - look for "Import User-Defined Groups from CSV files". (I...


Re: Top 6 SANS Essential Categories of Log Reports 2013 in LEM

you rock!  thanks!!!


Re: Basic Log filtering in LEM?

You can use the nDepth feature to search for the particular data you are interested in and export it out straight away. If not, you can use the reporting tool to generate the report. If none of the template...


Re: Agent Ports

I believe you cannot change the port to a single static port, as that is how the agent is designed to be, in order to send the traffic from agent to LEM Appliance. For LEM Appliance, as you do not...


Re: Agent Ports

Port 37890 is only used by Agents when they first run, to kick off the certificate exchange.  Then they move to 37892.  37891 is a back-up port, and provided in case you're running old Agent software.
