Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

Re: Installing LEM agent on MAC.....

Is this shutdown during the installation of the LEM Agent on MacOS or is this when using some action from the LEM rules?


Issues logging in while generating reports

I'm having an issue with generating reports, I'm getting a message of unable to log in by itself no other numbers, I've generated a log but I am unsure of what it means.  Hoping someone here can point...



Re: McAfee- LEM

Don't edit that SyslogAlertForwarder format string. Check whether the NPM node is being detected automatically here in LEM or not. Also test with the CLI "checklogs" that logs are coming into LEM.


Re: McAfee- LEM

Hi, I never edit the format string. LEM does not automatically detect the NPM. Under checklogs, I do not see any log if I connect directly from McAfee to LEM. I see the log in checklogs if it is...


Logs

I received some logs, but the eventinfo displays "???UDP packet from". Why does it display the "?"? How do I solve this? Thanks!



Re: Logs

Is it a non-English version of Windows? Have you seen the corresponding entry in the Windows event log?


Re: Mastering the filter/rule Creation Engine...

The 'Kill Suspicious Process' works fine indeed... Just make sure the 'Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy\Audit Process...


I'm getting the following when trying to create a cert request to our CA and...

We are getting security scanned and they are hitting for self-signed certs. I logged into cmc manager-> exportcertrequest to my file share. Copied the entire cert request to our CA, downloaded...



Restrictions on SSH access

I have SSH access to our system. However, someone on my staff in my office gets a connection refused when he attempts to connect. Is there a restriction somewhere I have overlooked? Rick Duvall LLUMC



Re: Restrictions on SSH access

Can you please provide more detail on what you are connecting to, where you are connecting from, and what AAA services are being used?


Re: Restrictions on SSH access

Connecting to VM installation of LEM.  I am connecting from A.B.13.66 without issue.  He is connecting from A.B.13.197.  LEM IP is A.192.102.193.  He gets an immediate connection refused without a...


Re: Restrictions on SSH access

Check to make sure you have authorization to connect.  Such as ACL, group policy, and such.


Agent Logging to multiple LEM appliances?

I know that this is probably a silly question but is it possible to configure an agent to log out to multiple LEM appliances?



Re: Restrictions on SSH access

I’m sorry if I wasn’t clear. To my knowledge there are no network issues preventing this staff member from reaching the system. He can run the web GUI without issue. Are there settings within the LEM...


Re: FireEye MPS Connector

Steve, are you still having an issue with it being discovered as Riverbed WAN Optimization Appliance?



Re: Restrictions on SSH access

The LEM appliance listens for SSH on port 32022 instead of 22, so that might be your first thing to validate (easy mistake). If you haven't done a "restrictssh" on the appliance (off by default - that...


Re: Agent Logging to multiple LEM appliances?

No, unfortunately not.  You could potentially install a second copy of the directory structure and manually install a service, but there might be some weird side effects, especially with FIM if you're...



Re: Restrictions on SSH access

It was the port 32022 issue.  That fixed the problem.


Re: I'm getting the following when trying to create a cert request to our CA...

I see from the case notes you guys are a little confused and hopefully get a follow-up from support. Regarding .cer vs. .pem (you have exported it as .cer from MS but support specified to use .pem),...


Re: Logs

This would be my guess, too - LEM isn't very non-English friendly so characters that aren't English can come through as question marks or gibberish. Sometimes we can filter them out, sometimes not.
