Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: Apache Tomcat on Windows Server

Perfect! As long as the "current" file continues with the same name, the connector will reopen it or rewind back to the beginning when it detects it's cleared.



W32.Bugbear

Hey folks, a few caveats here, I'm fairly new to LEM, and we have some old hosts.   That being said, does anyone have any ideas how I could use LEM to track down the source of a W32.Bugbear infection...



Re: LEM multiple appliances?

Well I don't think we are wanting correlations between the engineering nodes and the IT/IS nodes.  We essentially want to be able to run two separate LEM accounts under the same license.  Also, with...


Re: LEM multiple appliances?

You can't run two appliances on the same license, so you'd be looking at two separate licenses for two appliances.  The appliances don't share data at all, so they would be completely separate.


Re: LEM integration with #SLACK

Slack has an Email Integration. We have this set up and working well from LEM.



Re: W32.Bugbear

I don't know that we can track down the source, but we could (hypothetically) create a rule that would alert when the behavior of the virus (or any virus) is detected. I made an example: W32.Bugbear...


Re: W32.Bugbear

I'll give it a shot tomorrow.  Thank you for the help.


Re: LEM Client Installation - Java Error

Ok the saga continues. So on some recent installs even clearing the temp files did not resolve the problem. LEM was still crashing with a Java Platform has stopped responding message. The OS is...



Identifying the source IP of LEM Alerts in email notifications

I am testing a demo of LEM, and I have a question. How do I configure the alert emails to give me a source name or IP for the events? I received over 400 email alerts from LEM today, but I have no way...


Re: Citrix XenApp Connectors

Add me to the list


Re: Identifying the source IP of LEM Alerts in email notifications

Can you post a screen-shot of the event from the LEM console?  If the source isn't part of the original event (is it in the original event from the node?), then the LEM can't make that info up.


Re: Identifying the source IP of LEM Alerts in email notifications

I did find the source IP (aka "Detection IP") in the Console. But I still cannot get the Detection IP to show up in the email alerts.


Re: Identifying the source IP of LEM Alerts in email notifications

Okay, that's easier to solve.  If you edit the rule, you'll see it has a "Send E-mail" action, and that action specifies fields.  If you're using the Default Template, those fields are "Event Info" and...



Re: Identifying the source IP of LEM Alerts in email notifications

Hey curtisi, thanks for the help! edock is actually my coworker, so I've been trying to help her out too. I'm brand new to LEM, so it's been a bit of a learning curve from the other SW products. I think we...


Re: Citrix XenApp Connectors

Hi All, Have you tried the XenAppServer.xml connector? From its description: "Citrix Secure Gateway Access - XenApp Server" Thanks, Matej



Re: Identifying the source IP of LEM Alerts in email notifications

Under build rules, have you clicked the Activate Rules button since disabling your rule?


Re: Identifying the source IP of LEM Alerts in email notifications

So it says Disabled rule in the pic below, then here is the event somehow still being triggered, and here is the email I just got from my disabled rule. Until I disabled the alert it wasn't sending the...



Re: Identifying the source IP of LEM Alerts in email notifications

Yep, clicking activate rule after disabling helped. So, after you do any rule changes you need to click activate rules in order to actually put them into effect? Boy, I feel dumb.


Monitoring a managed UPS

Has anyone ever tried to monitor a managed UPS with LEM? If so, what was your experience and are there any recommendations for successful implementation that you can give?


Re: Monitoring a managed UPS

You can enable LEM to receive SNMP messages, but there's no alerting or rules on SNMP for LEM.  LEM just allows you to search SNMP alerts, there's no rules or alerting off SNMP in LEM.  If you want...
