Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager
Browsing all 5385 articles
Browse latest View live

"Purge" Old Data

Hi, I'm fairly new to LEM and doing an implementation of it now.  Just wanting to see if there is a way of configuring LEM to only keep the last e.g. 2 months worth of data?  Would love to hear if this...

View Article


LEM installation in windows server 2012 hyper v platform

I have a Windows Server 2012 R2 server with Hyper-V installed. After the successful installation of Solarwinds VM, the physical server cannot reach the Solarwinds server via web browser But ping with...

View Article


Why is IP Protocol 103 PIM alerts being triggered

I am getting repeated security alerts in LEM stating that IP Protocol 103 PIM is being detected as a "non-standard protocol or event" but I'm not sure what is triggering the alert or how to mitigate...

View Article

Re: "Purge" Old Data

Retention is based on disk size.  You'd need to resize the disk to only be capable of holding 2 months of data.  There is no "setting" for this in the interface otherwise. SolarWinds Knowledge Base ::...

View Article

Re: LEM installation in windows server 2012 hyper v platform

I'd usually blame the virtual switch or some routing rule. Can you access the console from another system? Can you access the console via port 8443?

View Article


Re: Why is IP Protocol 103 PIM alerts being triggered

Are you running Snort on the LEM or on your own box?

View Article

Re: Why is IP Protocol 103 PIM alerts being triggered

On the LEM. Sent from my iPhone

View Article

Re: Why is IP Protocol 103 PIM alerts being triggered

The SNORT settings for the LEM are pretty fixed. You may want to look at putting SNORT on another box, and then having the LEM collect logs from that device.  It'll be easier to configure that way too.

View Article


Re: Why is IP Protocol 103 PIM alerts being triggered

OK. Thanks. I'll look into that possibility as well.

View Article


Re: LEM installation in windows server 2012 hyper v platform

Thank you Curtisi. We tried to connect 2 more external computers and using 8443 and 8080, but it also failed.

View Article

Netapp Clustered Data ONTAP CIFS auditing to LEM

NetApp Clustered Data ONTAP creates audit log files on a file share (as far as I can tell it is not able to send the log information via syslog or snmp etc). Does anyone know whether and if so how it...

View Article

Re: LEM installation in windows server 2012 hyper v platform

Can you SSH to the LEM?  Under APPLIANCE, enter PING and press ENTER.  Can you hit the network gateway?  Can you hit the DNS servers? Run a VIEWNETCONFIG.  Does everything look correct?  Is the LEM's IP...

View Article

Re: Netapp Clustered Data ONTAP CIFS auditing to LEM

This post is old, but Google makes it look like OnTap has a syslog forwarding capability. Syslog - NetApp Community Based on the connector config in my lab, that's what the LEM is expecting from OnTap.

View Article


Re: LEM on Server with 2 NIC

Can you check out the spoplog.txt for anything interesting? On Windows, it'll be in C:\Windows\SYSWOW64\ContegoSPOP. Did some more digging and found this as well: Stop the Solarwinds Log and Event...

View Article

Re: Netapp Clustered Data ONTAP CIFS auditing to LEM

Our current NetApp auditing support is based on remotely accessing the .evt formatted audit trail info (once CIFS auditing is enabled on the OnTAP side). You configure the NetApp connector (under...

View Article


Re: Why is IP Protocol 103 PIM alerts being triggered

The version of snort on the appliance is relatively out of date, so it's possible it's not properly detecting what you'd expect. You can either tune the rule to exclude that system, or disable the...

View Article

Re: Report for nodes and their configured connectors?

No, there really isn't... this would be useful, though. We do have a couple of agent maintenance reports that can tell you when agents went on/offline and that sort of thing, but there isn't really a...

View Article


Re: Almost identical rules - one fires, one doesn't?

Check the time difference between your appliance and your agent - take a look at the DetectionTime and InsertionTime columns of all the events in your screenshot. Make sure the appliance's time is...

View Article

Re: Almost identical rules - one fires, one doesn't?

The Detection and Insertion times are the same for these events. Appliance and agent both have the correct time. Any other ideas?

View Article

Re: Netapp Clustered Data ONTAP CIFS auditing to LEM

I don't have a Netapp connector under "Operating Systems", I'm using version 6.0, is this likely to have been added in a newer release? Thanks

View Article