Re: Edit rules with email alerts setup
I always include the alert name variable at the bottom of all alert emails. It doesn't mean anything to the recipient but it sure helped me when people start asking why they are receiving particular...
Re: Windows Log Subscriptions
Thanks, that's what I was getting at. I am testing the log forwarding and have been all week. I had come to the same conclusion as your post. When I changed the destination log to the Windows default...
Re: Importing Certificates into LEM trouble
Looks like the same issue I am having, I currently have a case open with support. Are you trying to create the certificate signed by your CA for the Web Server?
Re: Zero-day exposed in LEM
The issue in the original post has been fixed in the current release. Unfortunately, other issues have come up.....
Three known security issues in LEM 6.2.1
The issues below are documented in a SolarWinds Case opened on February 18. I am still waiting for a fix and/or an estimated time to fix. I did talk to a person in Lehi yesterday that is going to...
Re: Zero-day exposed in LEM
rharland2012 Please see the following Thwack thread. Three known security issues in LEM 6.2.1
Re: Importing Certificates into LEM trouble
Yesterday LEM support logged into LEM with root credentials and cleared the certificates. After they did that I tried again and it worked. Certificate was able to import, but my browser for some reason...
Re: Importing Certificates into LEM trouble
I had the same situation with a client two months ago and it took almost an hour to import the certificate. SW had to go in and clear the certs and import. Since this is a security tool, you would...
Re: Three known security issues in LEM 6.2.1
Has there been any movement on this from the SolarWinds side? Barring an actual fix, it would be very useful to at least have mitigations we can leverage in the meantime on the appliance.
Re: Three known security issues in LEM 6.2.1
This is not a fix but a possible direction. The VMan team used a command similar to the code below except the xxxxx was the port number that was a problem. sudo iptables -A INPUT -p tcp --dport xxxxx...
Does anyone know what this error mean?
Event Name | EventInfo | InteralError | Erorr not recognized | Description | postBufferData unhandled error. I started seeing this event in LEM a couple of days ago, not sure what it means or what it is trying to tell...
Port Scan - LEM
Hello, I have created a Firewall Logon Failure with Inference notification. An email notification was added to the actions which was followed by several notifications being sent out. Checking the...
Re: Does anyone know what this error mean?
I think that is a generic error. In other words, I don't think LEM knows what is causing the error. Are you seeing this error repeatedly?
User Defined Group by IP Range?
Is it possible to create a user defined group for an IP range? Does it accept full RegEx? I am trying to create a UDG that represents each of my clients and it seemed the best way to do that would be...
LEM filtering for System Name versus IP
I often need to search for logs across a specific set of nodes managed by LEM, when doing this I normally use the "DetectionIP" as the key field. The problem that I am running into is I can't use the...
All Domain Controller Events Filter - zero ???
I am looking in Filters > IT Operations > All Domain Controller Events. This count is 0 (zero). I have installed the LEM agent on all of our Domain Controllers (3 of them). Build > Groups I...
Re: All Domain Controller Events Filter - zero ???
dowshirley, 1. By default the filter is disabled. Did you click on the filter name, and use the Gear icon on top to Enable the filter? 2. The filter definition (if you double click on the filter name)...
Re: User Defined Group by IP Range?
So, if you are using a manually configured UDG, how do you confirm you are capturing all of the correct nodes since we already established we can't for sure rely on name or IP?