Re: Help us out - check out the LEM online demo
It just sits on the connecting to demo screen for me and doesn't do anything. IE10
View ArticleClik here to view.
Re: LEM: Trying to tone down the noise
Thanks. This is actually LEM 5.6; when I click the gear to the right of the Rule you mention, then Edit, all I see is what is below. Not sure where you modified the criteria (or even what the criteria...
View ArticleRe: LEM: Trying to tone down the noise
Right. So if you click the tiny square icon to the right of where it says "30 Events within 10 seconds" in the Correlation Time container, you'll see the definition for which events apply. In 5.5,...
View ArticleClik here to view.
Re: LEM: Trying to tone down the noise
OK, so here's what I have to modify Correlation. I assume you modified the previous screen so that it was 10 events within 10 seconds; I added the DestinationPort field (set to Distinct)...
View ArticleRe: LEM: Trying to tone down the noise
That should reduce how frequently the rule triggers. The required behavior should now be that a source talks to a destination on unique destination ports at least 30 times in 10 seconds. Which is the...
View ArticleRe: LEM: Trying to tone down the noise
Now I'm getting some really bizarre behavior. The rule has reset itself to 1 event every 30 seconds with a response window of 1 second. The criteria I defined (in fact, all criteria within the Advanced...
View ArticleSG-200 Add node
Hi, I have exploring the LEM and in this regards trying to add the Cisco SG 200...
View ArticleRe: LEM: Trying to tone down the noise
Yeah, I can see a default rule requiring you to clone it before saving changes, but I've never experienced it changing to random values before. I hope they get that resolved for you.
View ArticleCannot find the MS Exchange Tool, Where can I get it?
I looked everywhere in LEM for the Exchange log monitoring tool but I cannot for the life of me find it. Where can I get it? Or where is it in LEM? Thanks!
View ArticleLEM database
Can anyone tell me the database used by the LEM? Is it PostgresSQL on the Linux appliance and MSSQL on a Windows 2008 server?
View ArticlenDepth Report Logic Changing On Its Own
I reported this issue to Solarwinds while we were on v5.4 and we were informed this was a known issue addressed in v5.6, however it still exists. I created an nDepth report where one of the lines...
View ArticleRe: Ndepth: "No results available" on first seach
I think in the first search case when you drag over from the refine fields into the default empty text search, for some reason it's not replacing it, it's dumping what you see into it. Instead, I think...
View ArticleRe: LEM database
The current version of LEM does not use a SQL database at all; it is backed by a proprietary storage engine based on Lucene. The virtual appliance is indeed on Linux, there is no Windows version.
View ArticleRe: SG-200 Add node
If you're using the "Scan for New Nodes", it's possible there aren't enough events generated in the timeframe we're scanning for to conclusively discover your device. You might need to manually...
View ArticleRe: Vista Alert Detected with NTSecurity Tool??????
From Build > Groups. You can hit + to create a Connector Profile and use one of the agents that you've already fixed as the "Template", then add the other ones after you save it.
View ArticleRe: Issue with custom LEM report
This sounds to me like you haven't upgraded your Reports Console to the latest version. You'll need to install the 5.6 reports console (over the top of your existing install, it's an in-place upgrade)....
View ArticleRe: FEATURE REQUEST - NCR, Radiator Connector
Do you need the multi-line events combined into a single event, or just the single line events? (This adds complexity to our connector development since we have to roll up the lines.)
View ArticleRe: Running Multiple Reports at Once?
You can configure a batch list of reports to run in sequence. You effectively generate a scheduled task for each individual report, then have a master that says "run them in this order" which is what...
View Article