Re: Syslog node names?
No, the LEM gets the node names from what it sees in the logs and those aren't customizable in the LEM interface.
View ArticleRe: Custom user privileges
No, but you can assign the pre-defined roles:AdministratorMonitorAuditorGuestReportsContact
View ArticleRe: LEM not displaying all syslog messages/events
So, if you download the latest connectors, and extract the package, you'll find a LOT of XML files. Somewhere in there is the CiscoFirewalls.xml, and this is the file that gets copied to the LEM to be...
View ArticleRe: LEM not displaying all syslog messages/events
Is it possible to manually configure the needed connector to display alerts it would otherwise drop?
View ArticleRe: LEM not displaying all syslog messages/events
I wouldn't recommend it, as it's way too easy to break the connectors. If you need a connector adjusted, contact support.
View ArticlePossible to monitor disk space remaining?
I'm currently using EventSentry to alert me if drives on Windows 2008/2012 virtual machines are running below 5% available space. Can I use LEM to replace EventSentry?
View ArticleRe: LEM Syslog Question
Hi curtisi, thanks for the addendum, i didnt know that portion needed to be configured before i can store raw syslogs messages. Guess my vendor did a great job during installation. Learnt something new.
View ArticleRe: Custom user privileges
Thanks for the confirmation. Maybe i should put this up as a new product feature
View ArticleClik here to view.
Re: Syslog node names?
Maybe there should be a feature like Kiwi Sylogs where i can input a Host file to translate IP addresses to hostnames.
View ArticleRe: Possible to monitor disk space remaining?
It is possible to make Windows log a disk space alert which LEM can then normalize ( I haven't checked this for Windows 2012) Window 2003 and 2008 including R2: You will have to create 2 DWORDs....
View ArticleRe: Possible to monitor disk space remaining?
In addition to monitoring for low disk space I'm using it to monitor failed logins and the basic set of alerts that come with EventSentry. I'm hoping to eliminate EventSentry when I get LEM...
View ArticleReceive only Windows security log by default?
Is it possible to set this as a default setting, or is it necessary to first get the agent reporting and then edit the node connector settings to stop the application and system logs?
View ArticleRe: Receive only Windows security log by default?
See if this will help achieve your objective (Tool is the old terminology for Connector) http://knowledgebase.solarwinds.com/kb/questions/2762
View ArticleWay to modify events collected by LEM agents?
Hello All,I am a LEM Noob and I am trying to help my security team get it set up. I have a quick question, is there a way to customize what logs are collected by the LEM agents? I would like to...
View ArticleRe: Syslog node names?
It's unfortunate that LEM doesn't include some way of changing IP addresses to human readable node names. Donthomas provided a way of fixing this from a Cisco device running 12.2 or later, but what if...
View ArticleClik here to view.
Question about cloning
Does anyone know if there are any issues with cloning a baselined hardened OS (with the LEM agent installed) and then deploy that image to 100 other machines? With Symantec or other software, sometimes...
View ArticleRe: Syslog node names?
I agree with @curtisi. A Cisco device with an IOS older than 12.2 would be the bigger issue - that is vulnerabilities galore. For your requirements, LEM depends on the syslog device to provide the name...
View ArticleRe: Question about cloning
So, this KB is for Windows...http://knowledgebase.solarwinds.com/kb/questions/3152/How+to+include+the+LEM+Agent+in+a+Windows+image But! On any OS, the folder structure for the agent will be similar....
View ArticleRe: Way to modify events collected by LEM agents?
While there are connectors that will direct the Agent to many places in the Windows Event Logs, if we don't have a connector for it, you'll need to put in a support request for a new reader for that...
View ArticleRe: Send alert when server is down
There is a Template rule called "Agent Offline Timeout" that will achieve this result.
View Article