Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: OSSEC-HIDS Connector

Hi, LEM includes an OSSEC response log connector which captures any actions taken by OSSEC, however we do not currently have an OSSEC-HIDS connector. Assuming your LEM is under maintenance, it is best...



Re: OSSEC-HIDS Connector

Hi jhynds, thanks for the info, we will ask support team if they can help us.



How to enter new license key?

Hey all,  I recently took on a new position, and at some point they had LEM set up and running.  I would like to get it updated and back up to a manageable status.  At this point, we are on version...


Re: How to enter new license key?

There must have been some issue with the SolarWinds file database as I wasn't able to download any files for quite some time.  However, it just started working for me, and was able to download the 5.6...


Re: How do I export all raw data from Logs/Data?

I talked with tech support not too long ago and found that the option to export is still not available.



Re: Automatic connector restart

There are some OPSEC session errors where the connector is supposed to automatically reconnect. If this isn't what you're seeing, I'd file a support request/bug report, because it's not supposed to...


Re: Ndepth scheduled search limit

I realized today that I'm having this same issue. The text in the email shows 1.4 million total alerts. I realize it should only give me 500,000 of those, according to the support article. But when I...


Import VMWare ESX syslog?

After setting up LEM and configuring syslogs on several devices, I realized about 2 months in that I had not turned on the connector for VMWare syslogs and so said logs were not being recorded. I have...



Re: Unable to import signed certificate to LEM

This problem seems to be caused by the root CA in the certificate chain not being a trusted public root CA (GeoTrust, Entrust, etc.). Could you double-check your Root CA?



No response from support

I haven't posted here in quite some time, but I have an issue with Technical Support. I have a LEM appliance continuing to show file system errors on one of the mounted file systems. I followed the...


Re: No response from support

Jeff, did you get a chance to follow up your ticket with a call to SolarWinds tech support (866.530.8040, Option 3)? I normally wait on the phone until one of the SolarWinds Tech Support Engineer's...


Re: No response from support

Ditto; if I have an urgent issue, I'll create the ticket online, then call and wait. I'll t/s in the interim. If I get it resolved, easy to close, but at least the process is started and when they pick...


Re: No response from support

Hi Jeff, I'm sorry to hear that your Technical Support experience hasn't been satisfactory. Can you please provide me with your Case Number & I'll ensure it's dealt with accordingly.  Jamie



Re: Import VMWare ESX syslog?

Hey, It may be possible to import your ESX syslogs. You can try this - on a machine that you have the LEM agent installed on, apply the appropriate ESX syslog connector on that agent (via the LEM web...


Re: Import VMWare ESX syslog?

jhynds' method should work. Alternatively, Support can root into your appliance and dump the raw logs into LEM via the syslog facilities. One note, though: DETECTION TIME is the original time-stamp on...


unstructured app logs in LEM?

Hi. About to try an evaluation of LEM, but wanted to know if it's capable of handling unstructured logs as well as standardized system logs. For example, we would have an application log that is...


Re: unstructured app logs in LEM?

AIX NMON Data (and other) LEM can take data from AIX syslog, and we have an AIX Agent for some IBM platforms. For others, you'll need to look at a third-party agent like Patrick Townsend. I don't see...



Re: Ndepth scheduled search limit

We are about to upgrade to 6.3.1, let us know if you hear back from Devs.


Different Events for Manual Backup?

All, I am troubleshooting our Weekly LEM backups. I would like to set up a Rule to email each time the Weekly Backup completes. Searching nDepth, I found the following Events in nDepth when the Weekly...


Solarwinds LEM - Send JSON messages

We have a need to send audit logs to our LEM system in a JSON format. How would I go about doing this using Solarwinds LEM? I've been able to do this using Splunk and Loggly by using their web...
