Re: Solarwinds LEM redundancy
These are pretty old functions, I think they've been deprecated. They required some manual setup effort, too. As far as I know, you need to either use VMware HA or snapshots and manual "failover."
View ArticleRe: Solarwinds LEM redundancy
Thanks everyone for their advice-it does appear that using a VM-based High Availability or Fault Tolerant configuration is the way to go. We're configuring a test FT environment now to...
View ArticleUserLogonFailure not alerting?
Tried setting up a rule to send an email alert for admin account logon failures and it isnt working. I can view the login failures in Monitor but it wont send the alert. Here is a picture of how I...
View ArticleRe: UserLogonFailure not alerting?
See my comments here for the 2 common reasons why this would happen I see the alerts, but my rule doesn't fire
View ArticleRe: Roadblock Creating Multi-Event Correlation
When yoi use an event group, only the fields that are common to all of them are available for those advanced settings. Are you sure source ip is available for all the events in your event group?
View ArticleCan LEM connect to FireEye and download the event
I want to implement FireEye as IDS/IPS but I want to see the event in Solarwinds LEM
View ArticleTicket system?
I can create a ticket with LEM or LEM can interact with my ticket system?
View ArticleRe: Ticket system?
You can have Rules in LEM and define them so that when certain Events are correlated it can have an Action on the Rule. One of the actions available is to send an email message. Most ticketing...
View ArticleRe: Can LEM connect to FireEye and download the event
You should be able to have FireEye send data to LEM as Syslog.
View ArticleRe: UserLogonFailure not alerting?
Forgetting to click the "apply rule" button always gets me. Don't forget to check that.
View ArticleRe: Ticket system?
Here's a guide I have using LEM and WHD as examples on how to have LEM open tickets automatically. Using Solarwinds Web Help Desk with Patch Manager and Log and Event Manager
View ArticleRe: UserLogonFailure not alerting?
I ended up rebuilding the rule from scratch and it works kind of. Seems it will only alert when an admin account fails to login to sharepoint or a similar service, it doesnt alert when an admin...
View ArticleRe: UserLogonFailure not alerting?
Typically what I have to do is find the events using an nDepth search or in the monitor, and gather the data from that and make the rule match all the fields that way. It's possible your alert is set...
View ArticleFirst time user needs help
HI We're trying to create what is most likely a very simple nDepth report for file deletions on our file server. We have it working but it shows all .tmp and office temp files starting with ~$ when...
View ArticleInstall Linux LEM agent on RHEL 6
Can anyone help with this error. I have tried all I know. [root@centrify solarwinds]# ./setup.binPreparing to install...Extracting the JRE from the installer archive...Unpacking the JRE... gzip:...
View ArticleInstall LEM agent on RHEL 6
Can anyone help with this error? [root@centrify solarwinds]# ./setup.binPreparing to install...Extracting the JRE from the installer archive...Unpacking the JRE... gzip:...
View ArticlenDepth Searches very slow and time out
I am having consistent problems with slow nDepth searches that often timeout on one of my LEM appliances. I have called SW Support and thus far they haven't been able to find anything wrong with my...
View ArticleRe: nDepth Searches very slow and time out
What does your search look like? How far back, how large is the result set when it finally completes? Depending on how you form the search query, it changes how hard LEM has to search for it. For...
View ArticleRe: nDepth Searches very slow and time out
Well, it's not completing so I can't say how large the result set is. I know the appliance takes in about 7 million events per day and my last failed search was for a 48 hour period of time so it...
View Articlesolarwinds receiving SNMP V2 TRAPS (port 161 unreachable)
Greetings, I have been confronted with an unusual situation to where Solarwinds is receiving multiple traps (and logging them accordingly) but when it comes to a specific product (Juniper/Pulse Connect...
View Article