Re: Identifying the source IP of LEM Alerts in email notifications
Thanks for the help, curtisi.
Columns on the Monitor's Event Grid
Hey guys, is it possible to add or remove columns on the event grid in the monitor tab? Thanks, Diogenes
Re: Columns on the Monitor's Event Grid
No, the columns are defined by the "lowest common denominator" of the events that you have in your filter. I.e., a filter for TCPTrafficAudits will have many columns, but a filter based on AnyAlert will...
security monitoring
Hi, I need some ideas about SolarWinds LEM. I want to know what logs or events are essential for a secure monitoring environment. I want to design dashboards, so I want to display hot incidents.
Re: security monitoring
Hi mahzad, A good place to start is the Log & Event Manager (LEM) Library and Support page. You'll find here plenty of information, documentation, and even tutorials.
Re: security monitoring
What's "hot" and interesting will also depend on your environment and what compliance and monitoring standards you're trying to meet. What's your industry? What compliance and auditing rules are you...
Re: security monitoring
We use ISO 27001 and NIST standards; the industry is IT infrastructure for an eID card project.
LEM Audit AD changes question
Hello, I am attempting to get LEM to log AD Auditing. So far I have created a rule and it is working. However, I am wanting more information. Currently, it shows what happened (ex. new user created,...
Re: LEM Audit AD changes question
Here is what one of the Emails contains: User mike.hunt account properties changed. Summary: uac values Date: 2015-12-16 13:48:50.0 I would like to include the details of which administrator made the...
Re: Citrix XenApp Connectors
I think that is a Netscaler connector. I've actually just minutes ago got our Netscaler reporting on multiple failed login attempts now. It took a while to get both the Netscaler forwarding the...
Linux Auditd and Change Detection
Is anybody else out there using Auditd on Linux with LEM to accomplish Change Detection? If so, would you mind sharing the Auditd configuration you are using?
Re: LEM Audit AD changes question
You'll need to create a mail template with the info that you want, and then populate it in the rule. The field you want is "SourceAccount." This video should help:
How to create alert when a file is not uploaded in time on Serv-U FTP
Hello, I'm a total newbie on LEM and I'm looking for some help to implement a custom alert in LEM. I try to create an email alert to know if some files are not uploaded during a time slot on a FTP...
6.2.0 Update Issues
Have you guys been having many issues with version 6.2.0? Ever since the update my LEM Windows Console, I've constantly had to remove the default widgets on the dashboard (Thwack posts, What's new in...
Re: LEM Audit AD changes question
Beautiful. This is exactly what I needed. Thank you curtisi!
User Logon/Logoff (evt ID 4624/4634) with multiple DCs
When looking for user logon/logoff events, I'm seeing duplicate events across all domain controllers. E.g., if we have 4 DCs, each logon/logoff triggers 4 events within a few seconds of each other....
LEM Hardware specs for 150 Million+ events a day
We're trying to spec out some new hardware for our existing LEM. I'm trying to gauge what others are using out there who have equal or more events they are handling on a daily basis. I'm not trying...