Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: Supported Java Versions with Linux and SEM v6.7.2

This might be more of a support question. I only see a reference to JRE version 8 or later for MacOS so I can only assume similar requirements. This was another article I found in case the error you...


Re: Supported Java Versions with Linux and SEM v6.7.2

Thanks jrouviere. I will check it out and post what I find.



SEM/LEM - won't add a syslog node

I've added the configuration, and I can see logs in the CMC, but can't add a node.


Re: SEM/LEM - won't add a syslog node

Make sure you have a connector reading the logs. If you're seeing them in CMC then the logs are making it to SEM, but you need to have a connector normalizing the logs for SEM to be reading them and...


Re: Check Membership of a Custom Security Group on File Server

Yeah, that's sort of where I was leaning also. I just wanted to be sure that I exhausted my options and I wasn't missing something. Thanks for your reply.


Inability to add custom Tags

I noticed when I upgraded from 6.6.0 to 6.7.1 and 6.7.2 that my custom Tags went missing under Rules. Under the Manager Console I was able to create a Tag but cannot add any rules to the Tag. I also...


Re: Inability to add custom Tags

When migrating rules to the new console, we focused primarily on out-of-the-box tags, but the ability to manage tags and create custom tags is certainly an area for future improvement as we continue to...


USB Whitelisting

Hi guys, we are looking to use LEM to implement USB blocking. I understand how to create a whitelist, uploading the PIDs of the stick etc. My question is this: Let's just say we have a whitelist with a...


Re: USB Whitelisting

Moved this to the LEM forum for better visibility from those who can possibly answer.


DNS Server Audit - Email alert

Hi there, I am trying to set up an email alert for DNS record update alerts. In the action tab, I am targeting Host incidents as we are trying to get an alert from the internal DNS server if there are any DNS...


Re: DNS Server Audit - Email alert

Do you have a sample of the log entry that you want to base your rule on? Once I see the associated fields with that particular entry I can advise on the rule & alert.


Re: USB Whitelisting

No such thing as a silly question, only a silly answer. Uploading a text file will overwrite the original whitelist, so you should be maintaining a single file. We're currently working on migrating the...


Re: DNS Server Audit - Email alert

The correlation appears to be looking for a "HostIncident," which can only be generated by the LEM itself.  Unless you have another rule that looks for those DNS events under the appropriate taxonomy,...


Re: SEM/LEM - won't add a syslog node

For reference as well, the connector to read the logs for syslog nodes needs to be added at the appliance level and not the node level.  If you set it up with the default configurations and are still...


Re: USB Whitelisting

Thank you very much for the reply. Very helpful.



Re: Configuring SSO for LEM

I ran into a couple issues while setting this up in 2019, maybe this helps someone in the future: "Directory Service Server User Name" couldn't be domainname.com\service-account it had to be...


Re: Integration of LEM with Orion NPM

Can we do it the other way around? Send alert from Orion to LEM / SEM?


User logon activity

Hello, I'm new to SEM and I've started seeing some user activity in my user logons dashboard: user 1: "-", user 2: "NT AUTHORITY\ANONYMOUS LOGON". Does anyone know where that comes from? Thanks.


Re: User logon activity

This may be helpful: NT AUTHORITY\ANONYMOUS LOGON entry in Event viewer -> Security log


SEM\LEM not showing all events

Why does LEM nDepth only show 20 events, console show 80k and Cisco show 31k? For the past day I've been struggling with why the events leaving my Cisco switches haven't all shown on LEM. At first I...
