Re: Does anyone know what this error mean?
I found out that it was LEM queuing alerts on memory, did a remote session and LEM support rooted into LEM and solved the issue.
View ArticleClik here to view.
Re: Three known security issues in LEM 6.2.1
Nicole, I have attended two of your live LEM events and met you in person at Thwack Camp 2015. I was the lone non-Solarwinds employee in the room at Thwack Camp. Now I know what the inside of a...
View ArticleRe: User Defined Group by IP Range?
It's definitely not ideally scalable. For non-agent nodes, I popped in the hostname* for all my devices that might report by hostname, and the IP ranges. For agents, the connector profiles regularly...
View ArticleRe: Three known security issues in LEM 6.2.1
Thanks RT. I know we discussed Slowloris before I left SolarWinds, I was surprised I couldn't find a blog post or comment. One mitigating factor to many of the tomcat (and related) attacks are that...
View ArticleRe: User Defined Group by IP Range?
So if it's an agent node will the DetectionIP always be the system name as reported by the agent? That bit about the rule to catch things that you don't know about is awesome, I am totally going to use...
View ArticleRe: User Defined Group by IP Range?
It should always be the system name as reported by the agent, but we are also reading from log files as well. Windows event log will stay consistent, but if you get outside reading other log files...
View ArticleScheduled Search 10MB limit
I was curious if there is a way to remove the 10MB limit that the scheduled searches currently have on the CSV file that they will create? I want to be sure that when I have a scheduled search that it...
View ArticleRe: Scheduled Search 10MB limit
There is currently no way to remove that 10MB limit, but if you can reduce what you are querying then that may help to be below the limit. Reports were meant for the larger sets of data collection.
View ArticleClik here to view.
Re: Scheduled Search 10MB limit
We are a managed service provider and my requirement is to provide logs to clients. The best way I can figure to do this is to use a UDG where I capture all of the clients systems and then do a...
View ArticleShow me how link ?
After upgrading to LEM 6.2.1, there's the What's New in LEM 6.2.1 section, and at the top is "Threat Intelligence Feed" with a Show Me How link. The link doesn't take you anywhere that shows you...
View Articlecmc: :cmm# exportcert error
When I'm running this command I'm getting a failure: sh: Syntax error: EOF in backquote substitutionFailure:cp: cannot stat `/usr/local/contego/scripts/certs/cacert.pem': No such file or directory Does...
View ArticleClik here to view.
Re: Port Scan - LEM
On top of this question I would like to know if my network traffic can see the rise ...
View ArticleRemote Agent not installing Windows LEM Agent
We are attempting to remotely install the LEM agent using a local Admin account on the destination server. We don't receive any error messages during the installation. When we look at the server, we...
View ArticleRe: Email template and rules
Hi Yes - it is the correct template. As you can see in the actual email that gets received, it doesn't include any of the parameters, such as "$DetectionTime" $EventInfo $SeverityDetection time:...
View ArticleRe: Remote Agent not installing Windows LEM Agent
When the installer runs it needs to also talk to services on the machine and the registry. It may be that it thought everything was good, but in fact it was unable to add the service using sc.exe or...
View ArticleRe: Remote Agent not installing Windows LEM Agent
Thanks. Is there a way of turning on logging for the entire remote process so that we can see where it is getting stuck. It is frustrating that the Remote agent installer is telling us that it is...
View ArticleRe: Remote Agent not installing Windows LEM Agent
It is an InstallAnywhere installer, so you can hold down the Ctrl key before it reaches 100% right after you click it. Then a command window will pop up saying what is happening in the background....
View ArticleRe: Remote Agent not installing Windows LEM Agent
Okay thanks... I will give that a try! Scott
View ArticleRe: Remote Agent not installing Windows LEM Agent
Okay. Here is the answer. We needed to login to our server running the remote agent installer with the SAME credentials as you specify in the InstallAnywhere client. It immediately resolved the...
View ArticleRe: Three known security issues in LEM 6.2.1
I am happy to report that the Critical level issue Java Deserialization Remote Code Execution remote rmi 10009 TCP is fixed!!!! I got a call today from support and they were able to get this one off...
View Article