Ability to delete logs after 3, 6, or 12 months. Ability to delete logs per type at different intervals. For example, keep failed logons for a year, but IIS logs for 6 months.
As sysadmins we are often asked to keep logs for a minimum of X days (in my case 90 days is the requirement). LEM keeps logs for as long as you have disk space. I would like LEM to give a Log retention projection based on current daily growth. In its simplest form it could say: The last 24 hours created 1.2Gb of logs Based…
The LEM Management Console currently does not support two-factor authentication for logins. Currently the only way to login to the console is with username and password. In order to increase security and AAA compliance, there is a need to have two-factor authentication so that smart-cards can be used to authenticate.…
SEM with HA, or Active-Active Architecture More EndUser requires to have SEM HA or SEM Active-Active Features so as to fulfill internal company policy on critical systems (SEM is one of them).
It would be extremely useful in interacting with a REST API was an active response option. Making a call to an API and saving data into a variable that can be used in subsequent calls would be ideal to fully integrate complex APIs. Ultimately my goal is to integrate with the Cherwell CMDB API and create Security Incidents…
It would be great if there was a way for SAM or NPM to monitor the health of LEM. We often find out a day later that LEM has had problems and is no longer consuming logs. We have opened cases and to this point have only been provided with an option to have LEM send a heartbeat email out once and hour. Sadly SAM has no way…
As good as this product is, there needs to be a concentrated effort to develop connectors or agents that can monitor cloud based services, and more specifically, Office 365. The demands for auditing activities in cloud is growing as fast the use of the cloud itself. The LEM product is a very good product, but unless there…
FLASH has been disabled in our environment. Prior to it being disabled I was able to edit the event distribution policy and prevent certain event types from displaying on the console, but still being logged to the event DB. Now I cannot find that option in the HTML5 SEM 2020.4 version.
Allow SEM to drop events or log as SEM agent are forwarding every single logs and some logs are not security events, this cause the disk space to fill up quickly ...
It looks like you're new here. Sign in or register to get started.