Re: exchange 2013 shows logon failure but no username
Glad you found the fix - sorry we didn't catch this sooner.
Re: Procurve Syslog just stops.
The parsing error looks like two log lines got joined together somehow, you have the start of the next log line in the middle of the first log line and that caused the field mixups. The syslogs rotate...
Re: Syslog Issue
How exactly did you determine that the connector did not normalize the log entry? Did you use nDepth? Which firewall is this? Can you post a sample log message from the syslog copy that is "missing"?
Re: Re: Syslog Issue
Hi, thanks for getting back so soon. I performed an nDepth query for any alert from the relevant IP address. I can see entries for the denied ping that I sent (these appear within a minute) but nothing...
Re: Syslog Issue
I am not sure I am in a mood to go through a 12 MB zip file. Can you provide specific lines from the log that you think are missing?
Re: Re: Syslog Issue
Sorry, should have thought, it is a bit of a beast. Attached is the extracted log cut down to 100 entries, all of which don't appear. They were all logged on Sunday (26th) performing an nDepth query...
Re: Agent Logging to multiple LEM appliances?
Thanks for the quick response nicole pauls! It was a question I received from my engineering team, they didn't specify what the exact use case was. If it's something they push for I will get more use...
Re: Supported Data Sources - Palo Alto PA-3020 v.5
Hey Nicole, Did this ever get resolved? I have a client inquiring about compatibility of Palo Alto 3000 series devices. Thanks, Kris Maxwell
FIM on 6.0.1
I've got FIM set up to monitor a 'sensitive' folder. I'm getting events on file creates, deletes, and writes. However, when I create a sub-folder underneath the monitored folder, I don't get any...
Downgrading LEM appliance to syslog only server??
When we first installed the LEM and configured it to receive data, we found it was locking up intermittently. We contacted support and they recommended we install 2 (maybe 3) servers total. One would...
Can we use an IP range of addresses in LEM rules, instead of adding a rule...
Hello, we recently added a Linux server and we are creating filters for it. We are looking for a way to filter IPs that don't belong to any of our 3 blocks of IPs, our 3 blocks together have around 300...
Re: Downgrading LEM appliance to syslog only server??
Check out Page 228: http://www.solarwinds.com/documentation/LEM/Docs/LEMUserGuide.pdf And for a better explanation, check out nicole pauls' response in this thread: Managing multiple LEM appliances...
Re: Re: Syslog Issue
Your connector needs an update. The deny keyword is not making its way to the normalized alert. See normalized events below from your log
Re: Syslog Issue
Thanks for looking into this, I'll see if it is possible to get the connector updated via our support contract. Thanks again. Lewis
Re: LEM; How to debug email configuration.
I'm actually very curious about this as well, were you ever able to figure this out?
Do you use logs for security and compliance (and maybe IT ops), especially...
NOTE: We closed the below survey, thanks to everyone for your feedback! If you missed out but have thoughts you'd like to share, let me know and we'll find a way to squeeze you in somewhere. Hey...
Re: Managing multiple LEM appliances
nicole pauls I may have asked this before and I apologize if I have but how is a distributed LEM environment licensed? Do you only need to license the total number of nodes logging to the solution or...
Re: Managing multiple LEM appliances
Each virtual appliance has to have a license for the number of nodes it will be managing. On the whole, you are only licensing number of nodes, but if you deploy multiple appliances each individual one...
How can I set up an alert for a new device
I want to set up an alert which I can trigger by turning a Virtual Machine's networking on and off. I see how to configure alerts with Alert Manager but I don't understand how to create an alert for a...