Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles

User Privileges

What's the difference between the "Modify" and "Audit" privileges for user roles in LEM? I'm assuming "Access" means they can just view the area. Myself and my co-administrator need to have full...


Re: User Privileges

So I created a couple test users in my lab, an Auditor role and a Monitor role.  Using the "Rules" section as an example, this is what the Monitor user has:  And if I log in as that user and try to...



USB authorized group

I'm wondering how to set up a USB authorized group. I'm looking at the AUTHORIZED USB DEVICES group and it's asking for Name, Data and Description. What exactly do I need to input for it to understand...


Re: Group containing a network for rule filter?

Very old thread I know, but since I'm dealing with something similar I figured I'd add this just in case anyone else came across this when searching like I have.  Wild cards are probably a much better...


Add user who made AD change to alert we receive from LEM

We have alerts set up that we get when a user is created or disabled in Active Directory. We would like to add the username of the person who made that change to the alert. Is there a variable for...



Re: USB authorized group

1. Create a Group
2. Create a Rule Group: Name it whatever such as USB Whitelist or Authorize USB List
Name the device whatever you want. I usually name it as it is detected from the Event Info, such...


Re: USB authorized group

Oh, I blocked all USBs when I got this system 6 years ago! LOL. Just get in there and test everything with only your PC or account. You can set up email notifications to let you know when users are...


Re: Add user who made AD change to alert we receive from LEM

Assuming you're using the NewDomainMember event, the account that made the change would be NewDomainMember.SourceAccount



Re: Add user who made AD change to alert we receive from LEM

How can I add it in? It won't let me drag and drop into actions.



Re: Add user who made AD change to alert we receive from LEM

First, you'd need to find the e-mail template that's being used for this alert and then modify it. Add a variable, let's say SourceAccount, to the template. Then go back to the rule and then you should be...


Re: Websense activities?

I don't have a Websense connector set up, but assuming URL is one of the fields that can be used in the criteria, this is definitely doable. All of the other conditions you specified, including the...


Re: Add user who made AD change to alert we receive from LEM

Where are the email templates? I can't seem to find them.


Re: Add user who made AD change to alert we receive from LEM

Yeah, it's not particularly intuitive. You'll find them under Build > Groups. Then on the left side, filter on Type of Email Template.


Re: Add user who made AD change to alert we receive from LEM

Thank you!


Re: USB authorized group

This is a great walkthrough, thanks bluesmilie!



LEM Appliance Backups to VMWare VDP

Just getting started here with LEM. Our backup solution is VDP Advanced. For some reason, the backup attempt fails every time. I haven't dug into the VDP logs yet but thought I'd check to see if there...


Re: USB authorized group

Whitelist specific USB Device model - LEM I wrote that for a similar question.  You'll want the values from the Extraneous Info in the DATA column of the Authorized USB Devices group.



Re: USB authorized group

Hi tmccolgan, make sure you mark his answer as helpful/correct if that solved your issue.


Sending information to Syslog. Syslog sends to LEM.

We have several remote sites with VPN connections back to the primary location. We would like to log to a syslog server then have that forward its information to LEM. Does anyone know if that is possible?


LEM agent stops forwarding logs.

Is anyone else having agent issues? Some of the LEM agents stop forwarding logs. A restart of the agent starts forwarding again, but this is becoming a nuisance!
