Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: Roadblock Creating Multi-Event Correlation

This seems to be the issue.  I narrowed my event group down to 3 event types, and I was able to perform advanced settings on source IP. While that is the answer... I can't help but be frustrated by the...



Re: nDepth Searches very slow and time out

Fundamentally, I agree - the data is there, and you should be able to reach it. The reality is with search that the more complex your search, the larger the results, and the farther back you want to...



Re: Roadblock Creating Multi-Event Correlation

The event-centric not device-centric approach to the event taxonomy can certainly be confusing, and frustrating to reverse engineer. The connectors decide where to map something when they parse the...


Re: Install Linux LEM agent on RHEL 6

Did you try re-downloading, and double check the architecture you downloaded for?


simple LEM filter for error event on a specific server

I am trying to create a simple LEM filter for an error event containing certain text that happens on a specific server. I figure this is pretty simple, but I am refreshing myself with LEM and...



Re: First time user needs help

You should be able to use "not equals" logic to eliminate them. Add another of the same field but instead of = click on it to toggle it to <> (not equals).


Re: First time user needs help

Hey, To add a visual to Nicole's response, your search query should look something like this:  This query will show File Deletions excluding file names that contain tmp or ~


Re: First time user needs help

Is this correct? Because I'm still getting office temp files showing in the results.


Re: First time user needs help

Sorry, when you say "add another of the same field" I'm not sure which field you mean. This is what I've got so far, and this works by leaving out tmp files, but I still get the office ones. I wondered if...


Re: First time user needs help

That works. It's probably complaining about the leading asterisks in the search terms, you might have to play with it a little. If you do the same thing you did with "tmp" there and add the $ (or...


Re: First time user needs help

Not having much luck with that. I can get it to work fine for tmp but not with ~$ or ~ or $, with or without *.


LEM : Server has a weak ephemeral Diffie-Hellman public key

After a server reboot, LEM is now coming up as Server has a WEAK EPHEMERAL DIFFIE-HELLMAN PUBLIC KEY. I have tried the Chrome shortcut workaround; still no go. Any help on this issue that just...


Re: nDepth Searches very slow and time out

Yeah, I actually have my timeout set to 30 minutes and the histogram never gets to the point of drawing anything out. More and more I think my issue may be related to Storage IOP's and Latency issues....


Re: LEM : Server has a weak ephemeral Diffie-Hellman public key

Try Firefox. Do this: Go to about:config. Search for these: security.ssl3.dhe_rsa_aes_128_sha, security.ssl3.dhe_rsa_aes_256_sha. By default, these are set to TRUE. Set them to FALSE in order to allow...


Re: LEM : Server has a weak ephemeral Diffie-Hellman public key

It's a self-signed cert and will only be locally accessed from the console. I could use Firefox, but I am more interested in actually 'fixing' the problem than changing browsers... so how can I fix...


Re: I see the alerts, but my rule doesn't fire

Could you send me a screenshot of the rules you created to catch user modifications/updates/adds? I am having a terrible time getting my filters/rules to catch any user modifications/updates/adds within...


Re: LEM Log Retention settings

Hi guys. Need your help in installing the report manager. Please guide me step by step how to install. Thanks.



Retrieve LEM logon attempt failures

Hi all, is there a way to retrieve LEM logs (especially logon attempt failures) from its database to any sort of format? The domain was hacked, so we want to see logon attempts from the past few days....


Re: nDepth Searches very slow and time out

I'm having the same issue.  The n-Depth search is good if you're looking at quite current data (the last hour or two is very quick), but when I go back or try to take a weekly view it grinds to a halt,...


Re: nDepth Searches very slow and time out

The performance here is really a concern.  When you consider my deployment isn't even considered that large based on what LEM is supposedly capable of and also by what the SolarWinds support folks have...
