• Build Your Own Syslog Connectors

    score397
    Open for Voting
    403 votes
    I have a lot of devices that can send syslogs to LEM; however, often there aren't connectors for those logs.  I would love to see a small development environment for creating your own syslog connectors.  I i...
    Profile Photo
    last modified by byrona
  • Allow SEM filters to be sent to Rule Creation

    score245
    Implemented
    247 votes
    I Use the Filter creator in the Monitoring section to build and trouble shoot filters and often take advantage of the feature to be able to send them directly to Ndepth. This works great and I think it would also be v...
    Profile Photo
    last modified by Roman828
  • Streamline Reporting

    score213
    Open for Voting
    215 votes
    I think the reporting capabilities of LEM could be significantly streamlined by doing the following...   Remove the reporting tool completely Have all reporting done using the nDepth reports/searches/exports Ad...
    Profile Photo
    last modified by byrona
  • please move away from flash!

    score184
    What We're Working On
    190 votes
    I'd really like to see LEM move away from the flash interface into something far more flexible and customizable. This also leads to my next 'want' by being able to review LEM content from iOS or other mobile devices....
    Profile Photo
    last modified by canesfan
  • FEATURE REQUEST: vCenter Logging

    score118
    Implemented
    122 votes
    I would like to request that "Events" typically displayed by vCenter when managed using the vSphere client be able to be analyzed by LEM.   This is beneficial since the ESXi event logging does not not include op...
    Profile Photo
    last modified by wgibsoniii
  • Ability to Control Log/Event Retention

    score94
    Open for Voting
    94 votes
    Ability to delete logs after 3, 6, or 12 months. Ability to delete logs per type at different intervals.  For example, keep failed logons for a year, but IIS logs for 6 months.
    Profile Photo
    last modified by travis.fenton.41
  • Provide FIM Connectors for all operating systems

    score86
    Open for Voting
    86 votes
    Currently, the FIM connectors in LEM are Windows-only. Please provide connectors for all operating systems that LEM supports with agents.
    Profile Photo
    last modified by zackm
  • Advanced Networking Options

    score74
    Open for Voting
    74 votes
    I would like a set of Advanced Networking options that allow me to add additional IP interfaces to the appliance as well as static routes.
    Profile Photo
    last modified by byrona
  • Use Domain\Username instead FQDN\username for AD Auth in LEM

    score62
    Implemented
    62 votes
    Will be helpful to modify the way to log in in LEM thru Active Directoy. I must write FQDN\username instead Domain\Username after I have activated the connector Directory Service Query Tool. I know is a small change b...
    Profile Photo
    last modified by crypto_root
  • FIM Exclusions

    score53
    Implemented
    53 votes
    I would like to see the ability to add exclusions to the FIM connectors.  As an example: I can currently tell LEM to look at C:\Windows\ recursively for *.dll; however, I can't tell it to exclude certain folders ...
    Profile Photo
    last modified by byrona
  • Active Reponse Option to Execute Script/Program

    score53
    Open for Voting
    53 votes
    I would like an Active Response option for system agents to be able to execute a script or program on that system.  We would like to use this to form some integrations between LEM detecting events and some of our...
    Profile Photo
    last modified by byrona
  • Agentless pull of event logs or log files

    score51
    Open for Voting
    51 votes
    We have many critical systems that getting an agent on is a horrendous task and anytime anything goes wrong it will be the agents fault.  So I would LOVE to see an agentless pull.  This could be similar to h...
    Profile Photo
    last modified by familyofcrowes
  • Need New User Role - Separation of Duties for Better Security and Operation Management (case #526663)

    score46
    Open for Voting
    46 votes
    Hello! Currently Security Engineers/Administrators are usually assigned with LEM Administrator role and responsible for creating and managing those security /correlation rules. LEM Administrator role has the power to...
    Profile Photo
    last modified by lucy.liu@merchantlink.com
  • Add a Label to the system

    score45
    Open for Voting
    45 votes
    Currently as best I can tell LEM uses the System Name that the system knows itself as.  I would like the ability to add a Label to the system in LEM that would be different than the System Name.  Currently t...
    Profile Photo
    last modified by byrona
  • Login Warning Banner for any Orion Web Server product

    score44
    Open for Voting
    44 votes
    Department of Defense requires a  warning banner prior to logging into an application or system.  While I have been able to achieve this via the default.aspx page, this does not stop a user using direct link...
    Profile Photo
    last modified by cwtibbs
  • Logging of flat files

    score44
    Open for Voting
    44 votes
    Ability to log flat files from 3rd party applications.  It would be great to be able to choose a .log file created from an application and have that data be recorded in LEM.
    Profile Photo
    last modified by evanr
  • Integration: Log & Event Manager and Orion Platform

    score44
    Open for Voting
    46 votes
    Use-case Orion Platform alerts can be sent to LEM (traps? emails? syslog?) for further analysis and correlation
    Profile Photo
    last modified by dexml
  • Ability to name nodes in LEM

    score42
    Open for Voting
    42 votes
    Please provide the abilitiy to name nodes in the LEM console.   At present node names are limited based on syslog data or the LEM agent. It would be nice to be able to overwrite these options in the LEM website ...
    Profile Photo
    last modified by zackm
  • Provide a way to monitor LEM Health with Orion NPM/SAM

    score42
    Implemented
    42 votes
    It would be great if there was a way for SAM or NPM to monitor the health of LEM. We often find out a day later that LEM has had problems and is no longer consuming logs. We have opened cases and to this point have on...
    Profile Photo
    last modified by ndhunter
  • Fix Solaris 10 BSM Auditing Connector

    score38
    Implemented
    38 votes
    Ba SWe would like to see the Solaris 10 BSM Auditing connector be fixed so it actually works.  When we contacted support, we were told to use a 3rd party app, Snare, to convert these binary Basic Security Module ...
    Profile Photo
    last modified by rodbeeson