Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: LEM / RHEL7 - No Log Data

Hey, I appreciate your time. Thanks for trying! Brett

Re: Explorer Command Agent - Default Agent selection not sticking

I updated to 6.2.1 HF1 (I don't see a download for HF2 in my customer portal). Unfortunately, the same behavior still exists. My web console doesn't allow me to log in. I can type my name and password,...

Re: Explorer Command Agent - Default Agent selection not sticking

There is only 6.2.1 HF1; curtisi was mistaken. Also, HF1 only has a few fixes in it, mostly in relation to security items. It is good to be on the latest version though.

Re: Explorer Command Agent - Default Agent selection not sticking

It sounds like you're using IE.  Can you try the web console in Chrome or Firefox?

Re: CISCO ISE AND LEM

Yes this works.  Multiple customers have this working after raising the buffer and using the ISE connector.  If you are having trouble then I would suggest opening a support ticket. There was a point...

Re: LEM - NetFlow & sFlow

The key for the perspective that LEM is responsible for handling logs and NTA is responsible for handling flow is that they get integrated, and a security use case layer gets applied on the NTA side....

Re: LEM Agent for Linux sends logs to manager from wrong IP address

The DetectionIP comes from the log itself, so you'd have to take this up on the RedHat end - it might be a matter of changing /etc/hosts or your syslog config to pick up the right interface IP. If you...

Re: Email alerts run amok...help

Only speculation that I may have changed an OR with an AND in the rule. Now we're not getting email alerts. I'm getting LEM reports and the test email works, but the rules are not generating emails....

Re: LEM - NetFlow & sFlow

I both understand and can see the value in the eventual connecting of the dots between LEM and NTA/Orion.  The value is for the correlation/thresholds/alerting of such data.  However, with that said I...

Re: Email alerts run amok...help

Check the time on the LEM appliance.  Is it more than a few minutes off?

Re: LEM - NetFlow & sFlow

True. It is technically possible to create a "stack" of LEM appliances for different roles, so flow could be one of those roles, if the use cases matured.  The other honest side to that coin is that...

Re: Email alerts run amok...help

It is about 8 minutes. Not sure how to update the time on the appliance. I don't see any obvious options in any of the menu options; appliance, ndepth, manager, service or upgrade.  Digging into it...

Re: Email alerts run amok...help

Updated the NTP server IP and it ran an NTP update command. Time is exact now. Will watch alerts. Thank you! ~Steve

Re: Email alerts run amok...help

That fixed it.  Many thanks! ~Steve

Re: LEM - NetFlow & sFlow

I am certainly on-board with the integrated vision and think it would be great.  I just try to look at it from all angles.  I still think LEM is a great product and hope that I will be able to continue...

LEM session timeout for CMC console

I recently raised a ticket regarding session timeout for the CMC console; however, it's not yet supported according to technical support. Does anyone have an alternative solution for this? We need to secure all SSH...

Re: LEM session timeout for CMC console

Are you working on requirement 6.5.10?  LEM is mostly just basic Linux under the hood so perhaps this guide would be of some assistance?  Don't know offhand if they do anything unusual that would...

Re: LEM session timeout for CMC console

Thanks for the suggestion; however, we have limited access to the Linux shell of our LEM appliance (6.1.0); only SolarWinds support can perform SSH. I would not raise this question if I could be able to do...

Re: LEM Agent for Linux sends logs to manager from wrong IP address

I made those changes.  It still doesn't change the outcome.  The Detection IP is still the private address.

Re: LEM Agent for Linux sends logs to manager from wrong IP address

Here's a couple of lines from /var/log/audit/audit.log: type=USER_START msg=audit(1459948449.045:128516): user pid=9482 uid=10011713 auid=10011713 ses=7110 msg='op=PAM:session_open acct="root"...
