Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: Certificate Issue

The certificate that gets exported ought to match, but only really matters if you're running the Adobe Air console. Are you accessing the LEM via IP or hostname? Does the DNS name in your network match...


Re: Certificate Issue

I've tried accessing using the IP and the hostname, both with the same result. DNS name and hostname match as well. When comparing the two certificates it just looks like the web console certificate...


Re: Certificate Issue

The below response from SolarWinds Support solved the problem: Are you referring to getting rid of the certificate error when you first load the console? If so, the certificate that gets exported is a...

Re: Creating custom Email Templates & Correlation of Fields

Is this a trick question? Looks like you are using UserLogonFailure in the correlation, but FailedAuthentication to populate the email message. The fields in the email must appear in the correlation....

Re: Fortinet 1000c as analyzer

Hi Curtisi, Fortinet and SonicWall did not send any syslog in LEM for the last 4 days; see the error below: "Error processing log message". Any advice? Thank you.


Report customization in LEM 6.1.0

Hi Team, Question: As of now (in the new version 6.1.0), is the full version of Crystal Reports XI required to complete the tasks (report customization)?

Re: Using a Thread Intelligence Feed with LEM?

Added a link to your LEM question as well as more information to help adoption of the new Threat Intelligence standards implemented late last year. I think this could be an opportunity to increase the...

Re: Using a Thread Intelligence Feed with LEM?

The new STIX and TAXII open standards, along with Soltra Edge (Collect/Create Threat Repositories), also provide a means to share threat intelligence across member organizations anonymously. This would...


Re: Report customization in LEM 6.1.0

No, you can customize and schedule reports using the tools that come with the LEM. [VIDEO] Filtering and Exporting SolarWinds LEM Reports to Quickly Find Events of Interest


Re: Report customization in LEM 6.1.0

Hi Curtisi, thank you for always answering my question. I got the answer yesterday to my colleague but your video is a must clear.


Re: LEM on Server with 2 NIC

Hi, I am looking to do something similar. Did this fix the issue for you? Thanks

Re: LEM USB Defender False Positives

So the time and date on the event were correct and didn't match the "Detection Time" reported by LEM? If that's the case, I'd open a support ticket to have them look at this.

Re: Unknown Nodes

Do you have a screenshot to share? What kind of events are associated with these 'bogus' nodes?


Re: Unknown Nodes

No, if the LEM sees data with an IP, it'll treat it as a new source and add a node for that.  You'll need to resolve the bogus source to prevent the data from coming back.

Re: Unknown Nodes

Is there any documentation of how I can do this? I did an nslookup but get the message that the device has no domain and it is offline.


LEM creates duplicates of provisioned XenApp servers as they are created

We currently use non-persistent provisioned XenApp servers that build off of a single image so that we can spin up servers as needed. We followed the procedure to delete the certificate data as...

Re: Unknown Nodes

No I don't have a screenshot. I don't see the old events anymore.


SourceFire connector

I am configuring our SourceFire 3ds system to forward syslog information to LEM. The default facility in SourceFire is alert, the LEM connector by default has a path of /var/log/alert.log. When I perform...

Re: SourceFire connector

You probably need to find the right log path. "alert" isn't a facility, it's a priority, so I think you're missing the other half - it's most likely one of the local facilities, or something like...

Re: Unknown Nodes

If they keep coming back after you delete them, it's because new events are coming in with that DetectionIP value from one of your log sources. LEM uses DetectionIP to determine when a host is sending...
