Re: Can we rebrand the reports?
Task Scheduler: Try running Reports with the right-click "Run as Administrator" option. Rebranding: Yes, change the logo file here: C:\Program Files (x86)\SolarWinds Log and Event Manager Reports\Reports
View ArticleRe: LEM Agent on CentOS
1) You need to configure the Agent (Manage --> Nodes) with the connectors for the data that server is receiving, and point the connectors at the right file locations on Linux file system.2) No.3)...
View ArticleRe: How to customized reports solarwinds LEM
There is a logo file here: C:\Program Files (x86)\SolarWinds Log and Event Manager Reports\CustomReportsThat could be changed and might affect the logo on custom reports only. That is all the...
View ArticleRestarting a process
We have the ability to start/stop a Windows Service but we only have the ability to Stop a process - is this correct or has anyone been able to work out a way to restart a process also? Is there a way...
View ArticleIs there a way to see how much storage an individual node is responsible for...
Is there a way to see how much storage an individual node is responsible for in LEM? If not, how do you estimate storage requirements when looking to add devices?
View Articlesuspicious DNS traffic rule
We have recently added checkpoint and the "suspicious DNS traffic" rule is triggering incidents. We have identified the DC as per the templates but are trying to decrease incidents.
View ArticleRe: Restarting a process
LEM can't start a process or run a script directly, but you can have LEM send alerts to other tools (like SAM) that will execute scripts and other actions.
View ArticleRe: suspicious DNS traffic rule
It sounds like you've already started modifying the Approved DNS Servers User Defined Group, so is there traffic in/out on port 53 to any other devices?
View ArticleClik here to view.
Re: suspicious DNS traffic rule
yes i have setup all my DCs but i still see traffic in/out on port 53 ... thoughts?
View ArticleRe: suspicious DNS traffic rule
Go to nDepth, and do a search for TCPTrafficAudit.DestinationPort = 53 AND TCPTrafficAudit.DestinationMachine =/= Approved DNS Server UDG What comes up?
View ArticleRe: suspicious DNS traffic rule
Can I use a connector group vs a UDG for approved DNS server?
View ArticleRe: suspicious DNS traffic rule
Assuming it has all the relevant machines in it, sure. :-)
View ArticleRe: suspicious DNS traffic rule
( ( ( "Event Name" = TCPTrafficAudit ) AND ( DestinationPort = 53 ) ) AND ( ( "Event Name" = TCPTrafficAudit ) AND ( DestinationMachine outside::{ "Windows Server 2003 - DC" } ) ) ) AND ( ( "Event...
View ArticleRe: suspicious DNS traffic rule
Sounds like you need to exempt your firewall from that rule, then. Maybe it's doing some DNS caching at the border?
View ArticleRe: Is there a way to see how much storage an individual node is responsible...
I think the closest you can get would be to check out some of the "Database Maintenance" reports in LEM Reports. You might find some interesting statistics there.
View ArticleRe: Is there a way to see how much storage an individual node is responsible...
Also, there was a white paper put up on solarwinds.com a while back about estimating log generation, where some loose guidelines were given - registration required: Estimating Log Generation for...
View ArticleClik here to view.
Re: Is there a way to see how much storage an individual node is responsible...
Thanks! I have been using the Database Maintenance reports but they only show the log size as a whole, I can't drill down to a single device. Thanks for the link to the whitepaper, that will be helpful!
View ArticleAgent Log Forwarding?
In our environment, we are about to have three different networks. For simplicity, I will call them A, B, and C. The situation:Network A can talk to Network B.Network B can talk to Network C.Network A...
View ArticleClik here to view.
Clik here to view.
How to update LEM agent when changing host IP?
Hi All, How can I update the LEM agent config on a Windows Server if I change the server's IP? The new IP is not updated in the Node Manager. Is reinstalling LEM agent the only way to update IP?
View Article