We have reached the Release Candidate (RC) status for Log & Event Manager (LEM) 6.3. RC is the last step before general availability and is a chance for existing customers to get the newest functionality before it is available to everyone else.

 

The RC contains the following enhancements:

  • Single sign-on (SSO)/smart card integration
  • Update to Java 8
  • SNMP v3 Monitoring of LEM virtual appliance
  • New configurable alerts for disk utilization
  • Fixes for security vulnerabilities and multiple supportability enhancements

 

Single Sign-On / Smart Card Integration

 

LEM now supports SSO to log in to the LEM console. This means you can leverage your existing single sign-on infrastructure to authenticate and authorize activity in the LEM web console. We are developing a comprehensive document on configuring SSO, but below are a few quick tips for configuring Kerberos-based SSO for MS LDAP.

  1. Ensure an A record exists in DNS with the FQDN for your LEM server.
  2. You need to set up a Service Principal Name (SPN), a service account for Kerberos authentication. If this account expires, you will need to create a new one, so make sure to keep an eye on that. Generate a keytab file based on that SPN.
  3. Create AD groups for each of the LEM groups. See the table below.

    

    AD group                   LEM group
    -----------------------    ------------
    ROLE_LEM_ADMINISTRATORS    admin_role
    ROLE_LEM_ALERTS_ONLY       alerts_only
    ROLE_LEM_AUDITOR           audit_role
    ROLE_LEM_GUESTS            guest
    ROLE_LEM_CONTACTS          notify_only
    ROLE_LEM_REPORTS           reports_only

 

4. Ensure browser security settings trust the LEM appliance's address. In IE, the simple way to configure this is to add the address to the Trusted Sites. If you configure IE security settings, they will flow through to other browsers such as Netscape (just kidding), Firefox and Chrome.

5. SSH to the CMC and import the keytab generated in step 2. Type 'import' from the main CMC screen.

6. Before you can configure SSO, you must have at least one LDAP account configured.
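As an added example (not SolarWinds code), here is a check you could run on the keytab from step 2 before importing it in step 5. It parses the MIT keytab file format and reports a missing principal or a DES/RC4 key, which goes beyond the tips above. The `HTTP/<FQDN>@<REALM>` SPN form, the name `lem.example.com` and the sample bytes are assumptions constructed for illustration.

```python
import struct

# Enctypes treated as weak in this example (DES and RC4), by Kerberos enctype number.
WEAK = {1: "des-cbc-crc", 3: "des-cbc-md5", 23: "rc4-hmac"}

# Constructed sample keytab: one RC4 entry for HTTP/lem.example.com, all-zero key.
SAMPLE = (b"\x05\x02" b"\x00\x00\x00\x47" b"\x00\x02" b"\x00\x0bEXAMPLE.COM"
          b"\x00\x04HTTP" b"\x00\x0flem.example.com" b"\x00\x00\x00\x01"
          b"\x00\x00\x00\x00" b"\x03" b"\x00\x17" b"\x00\x10"
          + b"\x00" * 16 + b"\x00\x00\x00\x03")

def counted(buf, p):
    """Read a 16-bit length-prefixed string; return (bytes, next offset)."""
    (n,) = struct.unpack_from(">H", buf, p)
    return buf[p + 2:p + 2 + n], p + 2 + n

def parse_keytab(data):
    """Return [(principal, kvno, enctype)] from an MIT keytab, file format 0x0502."""
    if data[:2] != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        start, pos = pos + 4, pos + 4 + abs(size)  # negative size = deleted slot
        if size <= 0:
            continue
        (ncomp,) = struct.unpack_from(">H", data, start)
        realm, p = counted(data, start + 2)
        comps = []
        for _ in range(ncomp):
            comp, p = counted(data, p)
            comps.append(comp.decode())
        p += 8                                     # skip name type and timestamp
        kvno = data[p]                             # 8-bit key version
        etype, klen = struct.unpack_from(">HH", data, p + 1)
        p += 5 + klen                              # skip the key bytes themselves
        if pos - p >= 4:                           # optional 32-bit kvno wins
            (kvno,) = struct.unpack_from(">I", data, p)
        entries.append(("/".join(comps) + "@" + realm.decode(), kvno, etype))
    return entries

def check_keytab(data, fqdn, realm):
    """Return problems to fix before importing the keytab on the appliance."""
    want = f"HTTP/{fqdn}@{realm}"                  # assumed SPN form for browser SSO
    entries = parse_keytab(data)
    problems = [] if any(e[0] == want for e in entries) else [f"no entry for {want}"]
    problems += [f"{princ} kvno {kvno} uses weak enctype {WEAK[et]}"
                 for princ, kvno, et in entries if et in WEAK]
    return problems
```

To check a real file, pass its bytes, for example `check_keytab(open("lem.keytab", "rb").read(), fqdn, realm)`, where the file name is a placeholder.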

 

Update to Java 8

Since the LEM appliance is a secured, hardened virtual appliance, it's difficult to practically exploit many of the vulnerabilities in the packages we use. Every time we ship a new version, we update those packages to the most current and secure versions. When new exploits are announced, we evaluate the severity of the exploit and whether it can be used against the LEM appliance. Sometimes the exploit requires root access, which isn't really relevant because if you already have root access, you can do whatever you want, so we make sure to focus on the critical issues like remote exploits.

 

SNMP v3 Monitoring of LEM virtual appliance

You can now monitor the LEM appliance just like any other node in your network. You need to configure the SNMP service in the CMC. From the main CMC prompt, type 'service' then 'snmp'. The CMC will prompt you through the next steps. Make sure you record this information, as you will need it when you configure your monitoring server, hopefully SolarWinds NPM! This will provide you with base metrics such as CPU, memory, and disk utilization.

 

New configurable alerts for disk utilization

While previous versions of LEM contained a system audit event when a disk partition reached 90% utilization, many customers needed more granular control for regulatory reasons. You can now configure percent utilization or absolute availability in the CMC. From the appliance menu, type 'diskusage' to see current utilization, then 'diskusageconfig' to define the limits you need. When a threshold is met or exceeded, you will see it in the Monitor UI on the web console. You can also configure alerts and other actions based on these events.

 

If you are an existing customer on active maintenance, the RC should be available in your portal now! After you upgrade, post below and let us know how it went and what you think of the updates!