Re: Three known security issues in LEM 6.2.1
RT - what did they do to fix this security issue? I am still waiting to hear back from them when they find a fix on this. Thanks, Paul
Re: Three known security issues in LEM 6.2.1
FC, It was similar to the coding used below but it covered a small range of ports....
sudo iptables -A INPUT -p tcp --dport xxxxx -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
RT
Re: Checkpoint connector stops frequently
First, I would upgrade to LEM 6.2.1 and make sure that you have the latest connectors installed on the LEM to see if we can stop the problem entirely. Second, when the connector stops, if you pull a...
How often do you restart your LEM appliance?
Just a random thought.... How many of you regularly restart your LEM appliance if at all? (Weekly, Monthly, Quarterly, Yearly... Never?) Am wondering if you think it is worthwhile doing it on a regular...
LEM / RHEL7 - No Log Data
Hello, Background: We are just rolling out LEM (6.2) and have hit a speed bump while configuring our Linux infrastructure for LEM. After installing the Linux agent on a RHEL 7 box (first one we've...
Determine when a user logs on/off for the day
I could use some help figuring out a way to determine when a particular user has logged in for the day, and when they stopped working for the day. The user in question uses a laptop that goes home...
LEM Retention Alerting?
I was curious if there is a way to alert when the data-retention in LEM drops below a specified number of days? I need to retain data for a year so I would like to set a threshold to be alerted if the...
Re: How often do you restart your LEM appliance?
Monthly. I do Host OS updates, and then reboot it all.
Re: How often do you restart your LEM appliance?
You're doing monthly host OS updates on a LEM? How do you do that?
Re: File monitoring on Linux
The auditd log is what captures those events in Linux, and LEM has a reader for the auditd.log. The only trick is that different distros may move auditd.log around or change the name, so you'll have...
Re: How often do you restart your LEM appliance?
The LEM is a virtual. It runs on a host. We update the host.
Re: How often do you restart your LEM appliance?
Resource constraints... never experienced that... hmmmm.....
Re: How often do you restart your LEM appliance?
Oh! Okay, I get it. I was like..."Wait, there are OS updates for LEM out there once a month? Why did no one tell me?!"
Re: Three known security issues in LEM 6.2.1
Hi everyone, We have released a hotfix that addresses the following:
CVE-2015-7501: Deserialization vulnerability in the Apache® Commons-Collections library
CVE-2015-3269: BlazeDS XML External Entity...
Re: LEM; How to debug email configuration.
If the test email worked but the correlation rules are not firing (and hence not sending email notifications), it is most likely a time sync issue. Check this discussion Re: I see the alerts, but my...
Re: Checkpoint connector stops frequently
Upgraded to the latest version. Waiting to see if the problem will occur again. Thanks
Re: Checkpoint connector stops frequently
Thanks. I might have to upgrade my RAM too... Thanks
Re: Three known security issues in LEM 6.2.1
wolram we had to re-run the 6.2.1 upgrade before installing the LEM 6.2.1-hotfix1 from above. LEM is now rated a "B" and it will go to an "A" when Development gets the Slowloris issue...