The most recent content from our members.
Currently, the FIM connectors in LEM are Windows-only. Please provide connectors for all operating systems that LEM supports with agents.
We've seen time and again that dividing your security attention between the inside and the outside threat (and unfortunately the blend of both - when outsider leverages or becomes an insider) is an ongoing challenge. If you check out our last 1-2 years of Federal IT Security Surveys, you'll see the insider is still a…
I would like a way to stop NT Authority\System coming in from FIM. I open a file and 9 out of 13 events is from NT\System Not just filters. I would like the events to not even hit the LEM. The less events it has to store the better. IMHO the fact that NY\system did anything to a file doesn't help in auditing. Need to know…
I am running 6.2.0RC1. I have FIM running on a file server and pointing to one folder. I get a lot of events with NT Authority\System in it. One file opened creates 8 events. 5 of 8 are from NT\System Because they dont tell me anything about who did what i am trying to filter it out. I have set this filter but still get…
Those of you in IT administration (particularly IT security) know the challenges involved with protecting corporate data stored in your network. You also know that you regularly face an onslaught of new and sophisticated hacking methods, malware, and other threats. It is an uphill task to safeguard data—especially the…
Hello All, I am new to LEM and I am trying to setup file auditing using FIM. I have FIM getting data when a file is changed, for example, Word.docx changes to word.docx.ecc. I want to setup a rule to send me an email when this happens. I'm not sure if I created the rule correctly or if I'm missing something, but when this…
I setup the file integrety management (FIM). However when I setup a directory to monitor I setup *.zipx files only. I wanted to be notified when a .zipx file in my directory was deleted. This directory holds zipx files that are added to every night. When I get notified I am getting alerts about .tmp files and only one zipx…
Hi everyone, If you've followed our What We're Working on, LEM Edition post or seen some of our other activity here on Thwack, we're working on adding File Integrity Monitoring for Windows to LEM. We're ready to start admitting a few people to our beta program. Just to set expectations, you qualify to participate if... 1.…
It looks like you're new here. Sign in or register to get started.