Clik here to view.
Re: Basic Log filtering in LEM?
The filters in the monitor section There is a filter called "Blocked Web Traffic" The count is "0" There should be blocked traffic, but LEM is not interpreting the syslog data coming from the barracuda...
View ArticleRe: Basic Log filtering in LEM?
The filter for Blocked Web Traffic looks for Event Info of "*Blocked URL*", I checked the barracuda web filter connector and "Blocked URL access by..." is the default EventInfo for blocked web access....
View ArticleRe: Agent Ports
There is a way using configuration files on both ends to change this, if necessary, but those 37890-37892 ports outbound are actually static and you will still need at least 1 of them (as Curtis...
View ArticleRe: Getting access to Windows log files on Siemens PCU50 running restricted...
We do have an agent that will work for Windows XP, but you'd have to get it installed and that sounds somewhat unlikely
View ArticleRe: Basic Log filtering in LEM?
The syslog from Barracuda calls it: “denied” So the blocked URL does not work. I did change it to look for denied, and got it to work; however, I don’t know if the ‘denied’ is a universal term they use...
View ArticleFiltering out multiple items
I'm in the process of creating a filtered version of the "All Events" filter in the Monitor tab. I'm trying to filter out certain things that I don't want to see, but am having an issue. As you can see...
View Articlenode license issue
I'm deploying the LEM agent to a good amount of nodes (mix of win 7 and win 2008). Every so often I will deploy an agent, the machine will show up in LEM but show as disconnected and also as a...
View ArticleRe: Netapp Clustered Data ONTAP CIFS auditing to LEM
Did this get depreciated because I am running 6.1.0 and I don't have a NetApp connector under Operating Systems. I need to know the best way to get NetApp logs into LEM.
View ArticleClik here to view.
Re: Netapp Clustered Data ONTAP CIFS auditing to LEM
There are two NetApp connectors: the syslog one is under File Transfer & Sharing ("IBM NetApp OnTAP") the event log auditing remotely one is under Operating Systems ("NetApp") - and you will ONLY...
View ArticleRe: Netapp Clustered Data ONTAP CIFS auditing to LEM
Ah, I think the syslog one may be more applicable for what I am planning. My NetApp guy is working on sending the syslog data to the LEM appliance so if I setup that connector on the appliance I am...
View ArticleClik here to view.
Re: Netapp Clustered Data ONTAP CIFS auditing to LEM
The syslog connector will have all the device availability/service stuff, the other one has all the file auditing stuff. Events included: FileExecute - FileExecute: kern.cli.cmdFileSystemTrafficAudit -...
View ArticleCan't connect to Appliance
I have a LEM appliance that I can't connect to with either the LEM Console or via Web. I can connect via sshIt is pingableI can reach a second LEM (same subnet) with no issues. I have reconfigured the...
View ArticleRe: LEM 5.6 Release Candidate Access
Nicole, can you please contact me ASAP. napoleon.crowe@perdue.com or 410-543-xxxxConcerning ticket 471813
View ArticleClik here to view.
Re: Filtering out multiple items
First things first: I was able to replicate this with a much simpler filter: That seems like a cool bug. Second, I'd suggest that if you're getting unmatched data, it means you have an issue to...
View ArticleRe: node license issue
Tim, You may want to open a Support ticket so they can work with you over the phone, but... On the machines that are showing disconnected, can you go to: C:\Windows\System32 (or SysWOW64)\ContegoSPOP...
View ArticleRe: Can't connect to Appliance
Are you connecting via http://LEMIP:8080 or https://LEMIP:8443?Can you clear your browser cache and cookies?Can you try a different browser?Can you try a different machine?Can you ping the LEM IP or...
View ArticleClik here to view.
Re: Can't connect to Appliance
Are you connecting via http://LEMIP:8080 or https://LEMIP:8443? _yesCan you clear your browser cache and cookies? - yesCan you try a different browser? - yesCan you try a different machine? - yesCan...
View ArticleRe: Fortinet 1000c as analyzer
Hi Curtisi, Thank you for your help, this is now working well. Big help
View ArticleRe: Fortinet 1000c as analyzer
No problem! Don't forget to mark the correct answer so future searches know this thread can solve their problem!
View ArticleClik here to view.
Re: Service Release Agent Install Error
I've run into this today. Out of 10 agent (6.1) installs, 3 of them failed with the "Installer User Interface Mode Not Supported". According to google, the error has to do with the installer not able...
View Article