Clik here to view.
Automatic connector restart
We have have redundant firewalls that frequently fail-over. When this happens the configured LEM connector will drop its connection with the firewall log server. Would be great to have a way to have...
View ArticleRe: Automatic connector restart
What type of firewall is this? It sounds like it is Checkpoint and not something that is sending syslog. The connector watches the syslog log file that the firewall sends data to and does not care...
View ArticleClik here to view.
Re: Automatic connector restart
You would be correct. Now I am trying to get an alert setup so that if there are less than 'x' amount of events in 5 minutes from our firewalls, I get an email so I can do a manual restart of the...
View ArticleInfoblox connector
I have looked in the console and read through the documentation and I cannot find any mention of an Infoblox connector. I have Google searched and cannot find any instructions on how to ingest syslog...
View ArticleRe: Infoblox connector
If it is not listed as a connector then this would be a Feature Request to add this coverage. Best thing to do would be to open up a support case because they will be wanting to collect information...
View ArticleClik here to view.
Re: Unable to import signed certificate to LEM
Hi, Is your LEM deployment currently under maintenance? If so, could you please raise a Tech Support ticket. It is likely the root login will be required to resolve the issue, so Tech Support is the...
View ArticleKaspersky Security Center Connector
We have completed the configuration of Kaspersky connector in our LEM appliance (v6.3.1), we would like to know whether the connector is working fine and all Kaspersky Security Center events were...
View ArticleRe: Syslog node names?
That may work for NPM Syslog, but you won't be able to get that access to LEM's database (and the DB isn't SQL).
View ArticleRe: Kaspersky Security Center Connector
You set a "ToolAlias" when you configured the connector. Do an nDepth search for (Event Group) AnyAlert.ToolAlias = [WHATEVER THAT ALIAS WAS] and see if any events are returned.
View ArticleRe: Kaspersky Security Center Connector
Thanks from your prompt responsecurtisi, we will do that
View ArticleRe: Kaspersky Security Center Connector
Hi Curtisi For database connection options, can we use SQL authentication instead of domain authentication?In case of SQL authentication, what is the value should I use for Database Server Connection...
View ArticleClik here to view.
Re: Kaspersky Security Center Connector
You're in the LEM forum here, is this for Log and Event Manager? LEM doesn't use or support SQL, neither can it use SQL authentication for anything.
View ArticleRe: Kaspersky Security Center Connector
This parameter must be defined in creating Kaspersky connector. The default value is: ";IntegratedSecurity=true;InstanceName=KAV_CS_ADMIN_KIT"
View ArticleClik here to view.
Re: Kaspersky Security Center Connector
I don't know of any scenario to change that setting from the default. You'd probably need to talk to Kaspersky about the connection string options.
View ArticleRe: Linux IOSTAT (Disk Read/Write, Wait etc)
Dear Chand, We had completed the Linux IOSTAT information task. This not required to upgrade version but upgrade focus how to collect information from Linux server. If you have MIB (Linux OS MIB) you...
View ArticleRe: Infoblox connector
Thanks wolram! I submitted a feature request. Just waiting to hear back. Thanks again!
View ArticleRe: Kaspersky Security Center Connector
I opened a support ticket and everything was clear from this link:Integrating Kaspersky Administration Kit 8 with SolarWinds LEM - SolarWinds Worldwide, LLC. Help and...
View ArticleClik here to view.
Re: Automatic connector restart
good idea... anyone? curtisi any thoughts? I have the below for ASA and checkpoint.Though approaching it from an event occurrence is also a good idea. Checkpoint throws a session error when it is...
View ArticleRe: Automatic connector restart
I could clean up some formatting, but functionally your rules look solid. I don't have an ASA or Checkpoint to test them with, so you'll have to let us all know how that goes.
View ArticleClik here to view.
OSSEC-HIDS Connector
We need to consolidate our OSSEC-HIDS logs to have one common facility and centralized logging. I would like to ask if someone might have started integrating OSSEC-HIDS to LEM?
View Article