Re: threat intelligence events
Thanks curtisi. That one example kind of makes sense, but most of them don't. For example, the source 101.193.65.161 is Asia Pacific Network with destination 201.94.92.90 which is Uruguay. It doesn't...
Cisco Catalyst switch
I'm trying to set up logging for Cisco Catalyst switches. I have the switches set up; for some of the switches, the Log and Event Manager will find and receive logs, and for others it won't. On the ones that...
Failed login - uname
We are getting started with LEM, and have it emailing failed authentication attempts, but in the event it shows ***** as the uname. Is there any way to see the actual username?
Re: Cisco Catalyst switch
Can you run "sho run | inc logg" on one of the switches that works and one that doesn't, and compare them?
Re: Failed login - uname
The data displayed in LEM is what was contained in the original event on the originating device / node. You may have to look at the source to see if there is a configuration to display the username...
Re: Failed login - uname
The username on the ASA is displayed as clear text, the password is displayed as *******
Re: Cisco Catalyst switch
I have found that when I try to add the switches in that working as nodes, the Log and Event Manager doesn't find them as a new node. The ones that are working I added just fine.
Re: Cisco Catalyst switch
I ran that and they are both the same. One thing I noticed: on the test messages I create in the Log and Event Manager, it logs the event info as Unmatched CiscoIOS Data.
Re: Cisco Catalyst switch
Are you perhaps running into a license limitation? LEM is licensed by node count, much like many of the other SolarWinds products. I believe it will just reject additional nodes once you reach the...
Re: Cisco Catalyst switch
I'm thinking it is because we were out of universal licenses. How can you change the license type to workstations? All the servers running a Microsoft server OS using a universal license, can that be...
Re: Cisco Catalyst switch
I was just wondering if a Windows server had to be used as a universal license, since those are for non-workstations, so I viewed a universal license as anything that doesn't run a Windows OS, like...
Re: Cisco Catalyst switch
I'm not certain doing so would be ethical, if possible. If I am understanding the question, that would be circumventing the enterprise licensing for a cheaper model and taking advantage of the...
Re: Cisco Catalyst switch
Right on--I hope you don't think I was making an assumption. I just wanted to be on the same page. I'm not certain on every variable LEM uses to determine the license needed, but I would make a guess...
Re: Failed login - uname
It may be a normalization error. Are you on the latest version of the Cisco IOS connector? Can you update and see if the issue persists? Otherwise, this will need to go to Support.
Re: Cisco Catalyst switch
Universal Node licenses are consumed by Windows Servers, Linux, Unix, MacOS and any syslog device. Workstation licenses can only be used to cover Windows XP, Vista, 7, 8 and 10. There isn't a way to...
LEM not saving my credentials
I am on 6.3.1, and ever since we upgraded to this version LEM will not save my credentials and auto login. This is extremely frustrating since my AD username along with the FQDN is over 30 characters....
Checkpoint Firewall monitoring using LEM
Hello There, Is it possible to monitor Checkpoint Firewall using Syslog by LEM? If yes, please guide me what versions of Checkpoint Gaia are supported and relevant configuration for the same. Thank you.
Re: Checkpoint Firewall monitoring using LEM
Checkpoint devices don't seem to really like syslog, but we do have an integration using their Opsec NG applications. Integrating Check Point with SolarWinds LEM - SolarWinds Worldwide, LLC. Help and...