Re: Does LEM offer a generic txt/log file connector that we can use to...
Do I have to open up a case to submit it as a bug?
View ArticleRe: Does LEM offer a generic txt/log file connector that we can use to...
It's easier for us to track that way, I can put the issue in as well but by dropping it in the support queue it follows a more 'normal' procedure. Either way, a log sample and what you'd like to see...
View ArticleLEM doesnt find my node (cisco router) i can send syslog messages to my PC...
I want to configure my router to send ccsip messages and ccapi inout messages to log and event view but the server doesn't find the router sending the events....is this sort of logging not supported,...
View ArticleRe: LEM's restrictconsole and restrictreports command has no effect
Have you re-ran restrictreports since upgrading to 5.7? I can confirm there are some lingering issues with restrictconsole - we're working on fixes that should be in our next release.
View ArticleRe: LEM's restrictconsole and restrictreports command has no effect
Ok , thank you.Ver 5.7 is test LAB , In order to test restrictconsole and restrictreports command.The next version about when to release ?
View ArticleRe: LEM's restrictconsole and restrictreports command has no effect
There were issues with restrictreports in 5.6 (not all ports were blocked as expected) but 5.7 should have resolved them going forward - it won't necessarily retroactively apply to existing settings,...
View ArticleRe: LEM doesnt find my node (cisco router) i can send syslog messages to my...
It might be that there aren't enough messages yet for the scan for new nodes to pick it up. You can always configure a connector manually from Manage > Appliances > Gear on the left >...
View ArticleConnector for Microsoft Threat Management Gateway Will Not Turn On
Environment: I have an LEM, build 5.5.0I have three Microsoft Forefront Threat Management Gateway servers, all version 7.0.9193.500 (which is version 2010; Service Pack 2; no rollups)I have LEM agents...
View ArticleLEM LDAP Authentication logs
Hi, We use AD (2012) to get authentication for Radius (VPN), web applications as well as Ubuntu machines also use AD (via Centrify) to login. My question is : how to get login//authentication logs of...
View ArticleVolume of syslog/SNMP traps,LEM can handle per hour ??
Hello ,, Kiwi syslog can handle 2 millions syslog message an hour(without any rules) so does any limitation has been marked for LEM ?
View ArticleConsole node profile filter selection
On the console node screen add the ability to filter the nodes based on a Profile that is blank.
View ArticleConsole: add ability to query the node list
add ability to query the node list: 1) Duplicate IP addresses and/or node names. 2) in the search add the ability to query one item while excluding another. 3) ability to select...
View ArticleRe: Console node profile filter selection
ehyatt if you would, please create an idea in the feature request section. This will allow the community to vote on its functionality. Thanks! Log & Event Feature Requests
View ArticleRe: Console: add ability to query the node list
ehyatt This would be best suited for a feature request. Log & Event Feature Requests
View ArticleLEM Thoughts of the Week: Detecting the Target Breach?
Hey All, Trying a new LEM idea courtesy byrona - a LEM/SIEM topic of the week. I'll try to post a topic related to security and log data once a week, you toss in your two cents based on your experience...
View ArticleRe: Volume of syslog/SNMP traps,LEM can handle per hour ??
There is no explicit limit on the amount of syslog/SNMP trap volume per hour with LEM. Without any correlation rules and only storing in the raw log store, we're talking tens of thousands per second....
View ArticleRe: LEM LDAP Authentication logs
If everyone is using Active Directory, all of the authentication activity should also be logged in AD. You'll need to monitor the Windows Security Logs on all Domain Controllers in your Active...
View ArticleRe: Connector for Microsoft Threat Management Gateway Will Not Turn On
Hey Craig, what do you see in the "LEM Internal Events" filter? Any errors or events related to the TMG connector? You might also check the agent's log (usually c:\windows\system32 (or syswow64 on...
View ArticleRe: LEM Thoughts of the Week: Detecting the Target Breach?
Well, since I had suggested this I guess it appropriate for me to be one of the first people to comment. I actually have a lot of comments swirling around in my head regarding this so I will do my...
View Article