The most recent content from our members.
We have an external vulnerability scan service that runs periodically. When it does, I get thousands of e-mails from LEM about it. The service runs from a /20 network address block, so putting in individual IP addresses into the filter to disregard isn't feasible. Is there a way to put this address block into a Group so…
We would like to create a report for VPN logins/logouts and also have a real time alert for when someone is logged in or out. The device is a Cisco ASA. Any help on whether this is possible or not and where to start, what fields to look, what to query, etc. would be great.
I noticed that one of my rules stopped firing emails and upon digging around, I found that wildcards are not performing like they used to. For example... Say I have this log entry where the Event Info was: "Member John Doe was added to group Domain Admins" My rule would first off search for "Member*added to group*". That…
With the new 5.6 Upgrade, it appears to have broken some custom reports we created. Whether that's just my error or not, I don't know. I got login errors when I tried to view them, which led me to believe that the database change caused the error. I have begun rebuilding the reports by using the base reports and using the…
If I recall correctly, one of the features on 5.6 was that it comes with some predefined groups and filters. I see these in the LEM appliance we upgraded in our Test environment (it now has Overview, Security, IT Operations, etc groups) but none of these were created on our Production appliance. How do I get these to show…
I'm using the built-in templates for monitoring group changes in AD. In this example, I'm monitoring a group creation event. Here is what my rule looks like. It fires correctly but the information in the email alert does not give me the information I need. The email alert is telling me the group name and that it was…
Using LEM Desktop Console managing two appliances (one 5.6.0 full, one 5.6.0 trial), attempt to create a user defined group and assign to the second appliance in the group. When saving, the selected appliance is reverted to the first appliance in the drop down menu. Disconnect from the first appliance in the list and…
I am attempting to configure a LEM monthly backup to a Windows 2008 server using the archiveconfig command. Everything goes smoothly until I try to start a backup then I get the following "Syntax error: EOF in backquote substitution." This error message is preceded by examples of "mount" commands and their explanations.…
So, I just upgraded to 5.6.0 today, after making a snapshot of my appliance, and I had a few custom rules, and a few default ones, and they're gone! (Of course the database is still migrating.) I don't want to go back to the snapshot, but would rather wait until the database is migrated to see if that's why they're not…
I see options for the backupconfig and archiveconfig but which is the proper backup the 5.6 upgrade is asking about? The upgrade asks for a backup, but the documentation doesn't say how to perform this backup...that I could find. Also, assuming this backup will back up the database to a network share, how do I find out the…