Get the latest news about SolarWinds Security Event Manager (SEM)
I have created a rule in LEM and by itself it is firing correctly... for the most part. We have a list of individuals that we monitor their lockouts. The trouble i run into is that we get a few false positives because the rule catches other users. Correlations UserDisable.EventInfo = *JDoe* This successfully fires an email…
We're currently doing some research around VMware vCenter logging support with Log and Event Manager. In order to accomplish our research and understand the format of the vCenter logs, we need log samples from vCenter instances, ideally vSphere v6 or v6.5. You can view information on the location of the logs files via this…
Hey guys I have an audit coming up in 1st week January, 1st for this company, and I am on point for SIEM/LEM. - Who has gone through an audit and used LEM?
Hi, I have a Cisco Firepower virtual appliance, and try to see log into LEM. I have configure Syslog as I found here : Configure a FireSIGHT System to Send Alerts to an External Syslog Server - Cisco On the LEM side, I cannot found any log, or information. I try to reconfigure the connector, but without success. Any one…
What reprot format do you export scheduled reports? I initially had it as PDF format, but that does not allow sorting/filtering. The .XLS format is the closest i can get however columns are not aligned.
How is the best way to monitor for local user accounts being added, changed or deleted from Cisco IOS and Nexus switches? Thanks, Terry
We had an issue with our KEMP LoadMasters last week where some virtual services were removed from the configuration and we/KEMP cannot explain why. One of their suggestions is to setup a netconsole host since the syslogs sent to LEM from the load balancers didn't help with finding the root cause. This is the first time…
We are trying to use InstantClones through VMware to deploy our VDI desktops. The issue I'm having is when I search the lem by hostname (ourVM-) I see a single entry, that changes every few seconds. I ran a nDepth Search on InternalDuplicateConnection with thw same beginning of the hostname, "ourVM-" and I get like 1500…
HI... anyone successfully using LEM for LifeRay Application Log monitoring?
I am having an issue with 1 PC in particular that is activating the Policy View rule. I created a custom email so that i knew what pc this was activating on email and it lists both the Detection IP and the Insertion IP. When it comes to the email it is saying "the start type of the windows modules installer service was…
It looks like you're new here. Sign in or register to get started.