Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Agent Offline Rule - receiving alerts but server is up

This is a rule that came in the box, and until the last couple of days we were only getting the alerts when servers were actually getting rebooted after a patch or manually. However, we started getting alerts regularly...



Re: LEM manager OS (Linux) admin account info

SolarWinds Knowledge Base :: Use an SSH client to connect to your LEM appliance. This includes steps and the default username and password (cmc/password). If that doesn't work, it's a support ticket to...


Re: Agent Offline Rule - receiving alerts but server is up

Is there anything that may be interrupting network traffic (flapping ports, duplicate IPs, etc.) that may prevent the LEM from seeing the Agent for a few minutes at a time? Or is the service bouncing?


Re: Agent Offline Rule - receiving alerts but server is up

Could be any number of issues, as curtisi pointed out.  Anything which interrupts the connection between the agent and manager. A sure way of knowing is by looking at the insertion time and detection...


Re: LEM - Logs on Windows file copy

Logs are generated.  On the workstation/server side, you need to enable FIM and monitor the specific directories. For the USB, the USB defender needs to be installed as an option to the agent...



Re: Top 6 SANS Essential Categories of Log Reports 2013 in LEM

That Windows Security Logging Esoterica blog is one of my favorites, I am sad that it's no longer maintained. You might also find some of Randy Franklin Smith's past presentations on things like Logon...


Re: RECOMMEND LEM ON SPREAD THE WORD FOR A $25 AMAZON GIFT CARD!

What was life like before using SolarWinds? It was a lot busier, searching log files on each server looking for a needle in a haystack for sure; now it's just a few clicks and I have all the info I...


How to: Create a notification of a port scan and/or sweep using LEM?

Good Morning All, 09/03/2015 - I have edited the title in an attempt to more accurately reflect the question. I would like to know if it is possible to create a Report, Filter, Rule, and/or Alert to...


Re: WSUS events

Here is what I did to pull the WSUS events from the server into LEM. I used the Windows Application Log connector. I hope this works for you guys. Thank you.


Re: How to: Create a notification of a port scan and/or sweep using LEM?

I have a few questions around your question: When you state: "user logs into the network (example: Domain Controller)" are they logging into a server that has the Agent installed locally on the...


RC1 code in LEM 6.2 GA release?

Was watching the console as I performed the upgrade from version 6.0.1 to 6.2 of LEM and saw the following for the swi-sql-dk.deb package: "Version: 6.2.0RC1.87.551337"  Just curious if this is by...


Hello, What is the appropriate connector for Barracuda SSL VPN?

Is it not supported yet, or can its connector be replaced with another one?


Re: PBX

Hi Guys, Is it possible to get documentation for how to configure FreePBX to send logs to NPM?



Re: PBX

FreePBX only provides the GUI for Asterisk PBX. You can enable SNMP on Asterisk and monitor with NPM. Check notes for Asterisk SNMP here:...


Re: Rule setup to stop service doesn't work

I recommend starting a case with support for this issue, they should be able to assist.



Re: RC1 code in LEM 6.2 GA release?

Looking into this, was probably just a version change oversight. Nothing changed in that package between the RC and GA. But I will look into resolving this, thanks for bringing it to our attention.


Filter LEM User Account Modified alerts by Directory Service membership

I've got directory service groups for all privileged groups in AD, and I'm looking for a way to trigger email only if the account is in one of those groups.  I have...


Re: Filter LEM User Account Modified alerts by Directory Service membership

This is a silly question, I found my own answer.  The logical operator is contextually based on the type of the consequent--drop a group behind the equals sign and magically it changes from an...


Re: How to: Create a notification of a port scan and/or sweep using LEM?

There is already a built-in rule for portscan - go to Build - Rules and search for portscan.


Re: Detecting anomalous levels of user downloads from a SAN

Does the SAN log traffic usage data and export them as logs? I don't think so - I believe you should explore NetFlow monitoring at access or core layer. LEM does support NetFlow sources and a few...
