Cisco ISE with LEM
Hi Guys, I have configured my ISE to send logs to the LEM, but don't get anything. Is there a documentation for this or something. I have seen many people have issues with this.Any help will be...
View ArticleRe: Reporting on LEM
Odds are then that you do not have it enabled as it is not enabled by default.It is a connector that you are able to set up.
View ArticleRe: Cisco ISE with LEM
Have you configured the Cisco ISE connector on the LEM Appliance to read the logs that you're sending?
View ArticleClik here to view.
Re: Reporting on LEM
Log and Event Manager can collect File Auditing information a couple ways. One, it can collect native file auditing info from the OS. This would require that you have the LEM Agent on the interesting...
View ArticleRe: Cisco ISE with LEM
Also make sure you set the Cisco ISE to send the data at max length 8196. It is in the settings of Cisco ISE syslog sending. Otherwise you will be sending truncated lines.
View ArticleClik here to view.
Re: Domain Admin\Non-Domain Admin reports
There are a number of Authentication reports in the Reports Console, and they can be filtered by whole or partial user names. Have you looked at that?
View ArticleHDD Space warnings
Anyone know of an easy way to set up alerts from the LEM so that it will email alerts when a hdd drops below 15% available?Edit: I know there is a rule for "disk nearly full" but I would like to adjust...
View ArticleRe: Cisco ISE with LEM
Yes i did configure the connector and set the data at max length. But still nothing.
View ArticleClik here to view.
Re: HDD Space warnings
Hi, In order for LEM to alert on low disk space, Windows needs to trigger the Event ID 2013. LEM can then alert if this event appears in your logs. In order to adjust the threshold at which Windows...
View ArticleClik here to view.
Re: Windows Firewall Logs
Hey, Do you have the LEM agent installed on the node you wish to collect the firewall logs from? Once the agent is installed, go to Manage - Nodes within LEM & then click on the node in question...
View ArticleLEM: Temp filesystem is over 90% full
I'm new at managing our company's Log & Event Manager application and am trying to discover the cause of a problem that I've noticed over the past couple of days where LEM will display an incident...
View ArticleRe: LEM: Temp filesystem is over 90% full
Call support Your database is not inserting data and is queuing up. I can see that by the line:"Database Queue(s): 5.1G (12679286 alerts queued, 187196 alerts waiting in memory)" Note sometimes this...
View ArticleBuilding rules in LEM6.1
I recently had a Tool Alias stop working. The Tool Alias was for my firewalls. What I'd like to do is have LEM tell me when a Tool Alias has not received any data for a short amount of time. Is this...
View ArticleClik here to view.
Re: HDD Space warnings
Have you had success with that reg edit?I am attempting to test it on a 2003 box (which the guide says it works on) and I'm still not getting the alert.
View ArticleLEM and Maximizing Disk IO and VMWare Optimization
LEM operability, responsiveness, and report generation has always seemed to be an issue. As we understand hardware functionality, Disk IO, CPU, and Memory are important factors for successful operation...
View ArticleLogins after hours report
How do you have your LEM alert you of after hour logins?The default template yielded no responses when tested and when I expanded it to just "logon" and "Source Domain" We received a few hundred emails...
View ArticleRe: Logins after hours report
The email rush was from service accounts and automated vendor accounts.I could have it ignore those, but we got reports from people who had left for the day but their workstation was locked.We also got...
View ArticleRe: Repurpose old TriGeo LEM Dell R610, can't update BIOS?
Trying to run "R610-060400C.exe" under Windows 7 x64 gives the "unsupported 16-bit application" pop-up that would characterize it as an old-style DOS app. You're right, though. I didn't do what Dell...
View ArticleRe: LEM: Temp filesystem is over 90% full
Thanks wolram, I guess that would make sense. I have opened a ticket with Solarwinds.
View ArticleClik here to view.
Re: HDD Space warnings
Additionally, I just attempted it with my Win10 pc and got no alerts or events.
View Article