Re: How do I include the Event Log's Description in an email alert?
Hello,When you have an email set up in your alert (or Rule in lem), you can add custom parameters to your email template. Then you have to go back to the rule in question, choose the email template...
View ArticleRe: LEM Oracle Table Read
Hello, It depends on the version of oracle that you are using. I found this article you can use: Integrate the Oracle Database with SolarWinds LEM - SolarWinds Worldwide, LLC. Help and Support
View ArticleClik here to view.
Re: How do I include the Event Log's Description in an email alert?
This is how the event looks in event viewer. I want to include the description lines show below in my email alert.In Solarwinds LEM, I see that this is how it received it. The description is under...
View ArticleRe: How do I include the Event Log's Description in an email alert?
You're trying to build a rule off "AnyAlert" which is a problem for a number of reasons, not least of which is that not every alert has that field. Replace all your "AnyAlerts" with "ServiceWarning"...
View ArticleClik here to view.
Re: How do I include the Event Log's Description in an email alert?
Thank you Curtis, that worked!
View ArticleClik here to view.
Re: traffic but no agent
In the monitor tab go to filters and expand Overview > and select LEM Internal Events Wait until you see the Event InternalRuleFired with the EventInfo The 'Authentication Traffic but No Agent' rule...
View ArticleClik here to view.
Logon After Hours Alert Not Working
I currently have a created rule to alert when users log on after hours, however, it is not functioning properly.I get alerts when we are in production hours (yes my schedule is set up correctly) and I...
View ArticleWindows server 2012 fail to join LEM appliance as agent.
Hello everyone, I've got some wierd issue while trying to add a Windows server 2012 as node (agent) to LEM manager.After I've done installing the agent locally on the server, im getting the following...
View ArticleRe: Windows server 2012 fail to join LEM appliance as agent.
It appears that the LEM Agent can't reach the LEM appliance. Is 172.16.100.222 the right IP for the LEM Manager?
View ArticleRe: thwack Store
You've asked this in the LEM Community, it might get more attention if you ask it in the "Issues" thread for THWACK Store orders. Having issues with an order from the thwack store?
View ArticleRe: traffic but no agent
Authentication Traffic but No Agent - The LEM has received an authentication event, probably from a Domain Controller, originating from a system that does not have an Agent installed (compare source...
View ArticleClik here to view.
Re: Logon After Hours Alert Not Working
The first thing I'd try is removing the naked UserAuthTicket and UserLogon criteria. UserLogon is implied by the fact you're checking for specific values in specific fields, and you're not doing any...
View ArticleRe: Logon After Hours Alert Not Working
I removed them and since I have gotten 0 false positives or any alerts for that matter and I know I should have gotten some.I currently have my Business Hours group set later than people first arrive...
View ArticleClik here to view.
Re: Windows server 2012 fail to join LEM appliance as agent.
TCP port 37893-37896 - used for Return traffic from the SolarWinds LEM appliance to SolarWinds LEM Agents, most likely firewall.
View ArticleRe: Logon After Hours Alert Not Working
Can we have a screenshot of the Time of Day set? Also, I'd use "Detection Time" instead of Insertion Time.
View ArticleClik here to view.
Log & Event Manager API / REST/ Cmdline
Hi, is there a way to access Log & Event Manager via API, REST or Cmdline? I'd like to query data matching a filtered pattern and further process it. Thanks in advance rubensk
View ArticleClik here to view.
LEM losing Events?
Hi, We are starting to see if LEM is a good solution for us. I am little concerned with this event. Does this mean that LEM lost 6256 audit events, and if it did is there anyway to find them?...
View Article