Clik here to view.
Re: LEM creates duplicates of provisioned XenApp servers as they are created
One approach is to use LEM's automatic recycling mechanism to cycle out those old nodes that haven't connected in a long time. We built this to help people in VDI environments automatically delete...
View ArticleClik here to view.
Adding Nodes
I am trying to add some windows desktops to the LEM console, but i can;t see the the computers when i run the Remote Agent Installer. All the computers are on the same domain. The only difference is...
View ArticleRe: SourceFire connector
In the sourcefire admin console for configuring syslog "alert" is a facility option, there is an option for priority as well 2 separate items and "alert" is an option for both. That being said I can...
View ArticleRe: SourceFire connector
It's possible the default path was written for a different scenario, like running the connector on a linux agent. Or, maybe we just carried over the wrong default from the snort connector. Hard to say....
View ArticleRe: node license issue
I started off by completed removing the agent and re-installing and the same computer checked in as a universal node again. I'll check these logs and report back.
View ArticleClik here to view.
Re: node license issue
Spop log shows a communication issue, but the ports are open, they have been open for almost a year now since our initial deployment. And it's checking in with the manager as it does show up as a node,...
View ArticleRe: node license issue
I'm running watchlog now and it's showing nothing at all, is that good or bad? Does it show only errors?
View ArticleRe: node license issue
On the impacted machines, can you telnet to the LEM on port 37892? That connection appears to be failing. Does DNS on the impacted systems come up with the right IP for qcswlem.qchek.com?
View ArticleRe: node license issue
Yes the telnet test on port 37892 to the LEM works successfully. And it did it with dns name so it is resolving correctly also.
View ArticleClik here to view.
Re: node license issue
I apologize I was not running watch log properly, but here is a brief output of it. Several nodes say connected, but are not visible in the console. Specifically node 172.16.169.2 BO_BACKUP.qchek.com...
View ArticleRe: How to monitor activity by users of the admin group
I get the windows event codes from https://www.ultimatewindowssecurity.com/ Ones I use are Domain Admins Group additions and deletions using Auditable Group Events.EventInfo" = Member "*"...
View ArticleClik here to view.
Netapp Auditing
I must be missing something simple.I have followed (I think) these steps but I can't seem to get it to work.SolarWinds Knowledge Base :: Integrating NetApp with LEM...
View ArticleLEM Issue : Error Processing Logs Message for FortiNet
Hello. Seeking for assistance please.We are monitoring logs from a Fortinet device. Connector used is WS_FTP Connector.We tried to update the connector to the latest version but still we are having...
View ArticleRe: LEM Issue : Error Processing Logs Message for FortiNet
Have you tried using the Fortinet connector(s)?
View ArticlethwackCamp is this week! Session on Firewall Logs & LEM on Wednesday!
Hey everyone! In case you've missed the announcements or mostly stuck just to your areas of interest on Thwack, here's a reminder about thwackCamp 2015 this week. For LEM customers and security folks,...
View ArticleRe: LEM Issue : Error Processing Logs Message for FortiNet
Can we get more info about your setup? How did you end up with the WS_FTP connector - was it automatically selected? As byrona mentioned, I'd expect the Fortinet connectors to be a better match, but...
View ArticleRe: Netapp Auditing
Are you able to use the Windows tools to open it remotely by UNC path using that user/password? Do you see any other Internal events in the "LEM Internal Events" filter related to the connector after...
View ArticleLEM: log retention and backup
Hi ALL, I would like to ask if this retention KB is still valid for LEM 6.1 (latest)see below ? LEM's retention is sized based. So, you are right - the oldest events are purged to make way for the new...
View ArticleClik here to view.
Re: LEM: log retention and backup
Yes, it is still valid. The retention methodology hasn't changed.
View Article