Re: IIS 7.5 W3C Log Collection
Did either of you have to restart IIS as part of step no.4 to get the logging to work?
View ArticleBash shell vulnerability in LEM
Been reading about this Bash shell vulnerability that could be exploited so ran the test on my LEM appliance and confirmed it is also affected by the bug. Will an update be released?...
View ArticleRe: Bash shell vulnerability in LEM
Hi Jamie, We are investigating the issue internally. Assuming like you say the LEM appliance is vulnerable, there are a few mitigating factors:LEM customers use a limited access shell to manage and...
View ArticleNDepth "Schedule" button greyed out... What are the conditions that enable it...
Hi guys... I've noticed that my NDepth "Schedule" button is greyed out... I've tried fiddling with all sorts of query changes but can't get it to be clickable. What are the conditions that enable it to...
View ArticleClik here to view.
Re: NDepth "Schedule" button greyed out... What are the conditions that...
As long as it is not running an nDepth query, the schedule option should be available. Try saving the search, and click on the saved search and use the Gear icon
View ArticleRe: NDepth "Schedule" button greyed out... What are the conditions that...
I am certain that nobody is running an ndepth query at the moment and it is still greyed out from both the saved searches gear icon and the main ndepth gear icon. There was a standard ndepth query run...
View ArticleRe: Node name resolution in LEM
Regarding agent nodes, where on a Ubuntu server would that be pulling the information from? Also would like a feature request to allow renaming.
View ArticleRe: Help us out - check out the LEM online demo
Looks like the demo is having issues in IE. Works great in Chrome though. Edit: Looks like it eventually loads, it just takes a loooong time. Thanks,Chrystal Taylor
View ArticleRe: Node name resolution in LEM
found this on "ccie pursuit blog" site:logging origin-id hostname logging origin-idr4(config)#logg origin-id ? hostname Use origin hostname as ID ip Use origin IP address as ID string...
View ArticleRe: Bash shell vulnerability in LEM
In case you missed it: ShellShock Vulnerability and SolarWinds Products LEM does have a vulnerable bash version, but it is not possible to exploit. We'll update in an upcoming release regardless.
View ArticleRe: Help us out - check out the LEM online demo
Yeah, definitely - we're not sure what happened on the IE side to cause this issue. We're hoping to find a hot fix or MS patch miracle but so far no luck. We're seeing it on customer deployments, too.
View ArticleClik here to view.
Re: NDepth "Schedule" button greyed out... What are the conditions that...
Did you save the search first? That is a key step
View ArticleClik here to view.
User roles privilege rights
Under the view role, I can see a list of "Area" that a role could "Access", "Modify" and "Audit". For example, an administrator could audit but not access the filter output. Actually, what is the...
View ArticleClik here to view.
Re: FIM is setup. Getting .tmp alerts
Here is a screenshot Let me know if this works if you want more information.
View ArticleRe: NDepth "Schedule" button greyed out... What are the conditions that...
yes lol... the report is saved ... The basic saved reports didn't work either... There is an update though. I was previously trying to schedule using the LEM desktop console application (it generally...
View ArticleRe: Rule Request - Admins Browsing the Web
This should work. I'll implement it and see what happens. I guess I should have elaborated a bit more earlier....my only focus is on the servers. Admins are the only ones that have access. There should...
View ArticleLEM; How to debug email configuration.
I have an Email Active Response connector in our manager (LEM appliance). It is not sending any emails. The email test generates and event "Name: InternalCommands EventInfo: Initiated Action: Send...
View ArticleClik here to view.
Do you use logs for security and compliance (and maybe IT ops), especially...
Hey everyone, We're doing some research into how you use log data for security and compliance, and how that overlaps with how you use log data for IT operations. If you use LEM, Kiwi, or NPM/SAM, or...
View ArticleClik here to view.
CIDR Notation for LEM rule
Hi, I would like create a rule in LEM that will give me an alert whenever it detects any logins failed or successful from external IP (Public IP). I plan to use the filter below (sample only for...
View ArticleRe: Rule Request - Admins Browsing the Web
Already, may have missed a step somewhere. I did the first portion of the rule: ProcessStart.ImageFile = iexplore.exe And that would be marked as an incident. Well nothing happened. Worked on the 6.0.1...
View Article