The most recent content from our members.
The LEM/SEM interface had a feature where one could create a filter in "Live Events" and then send it over to "Historic Events" aka nDepth for historic analysis. This feature is no longer available since the Flash to HTML5 migration. It has not been migrated as of 2023.2. I opened a ticket on this issue which was closed. I…
I have installed an agent on an SFTP server that I need to monitor logs for, and it has a green connection and everything seems to be working fine, but I am not getting any alerts on that IP address in nDepth except for the initial internaltooloffline and internaltoolonline alerts. I read that this might be a config issue.…
For setting up log management (both Syslogs and Windows Event Logs) at remote sites, what is the best way to go when using LEM? * Kiwi Syslog Server: have both Syslogs (from network devices, UPSs, etc.) and Windows Event Logs (converted to Syslogs with Log Forwarder for Windows) sent to a Kiwi Syslog server at each site,…
Hi guys... I've noticed that my NDepth "Schedule" button is greyed out... I've tried fiddling with all sorts of query changes but can't get it to be clickable. What are the conditions that enable it to be used??? Thanks!
In nDepth, I need to search for complete strings, including spaces, periods, hyphens, etc. Here is an example: If I search for DstIP: 12.34.56.789 I get results for DstIP and 12.34.56.789 in the same event, but not as a complete string. It could be DstIP some text 12.34.56.789, or 12.34.56.789 some text or numbers DstIP.…
Hello All! *Potential Noob Question* I have been asked to run a report of file activity on one of our file shares. As it has been quite a while since I helped integrate LEM and received the training, all the knowledge has leaked out of my brainbox. I have played about in nDepth but I can't work out how to specify a particular…
I'm attempting to set up both a saved search (nDepth) and filter (Monitor) excluding computer accounts (ending in $ sign). However.... * In nDepth, when I add a Group with the following condition... UserModifyAttribute.SourceAccount ≠ *$ ...I still get computer accounts showing up in the results. I have tried putting that…
I've been having an issue working with nDepth to perform log searches vs. working in the Rule builder. When I create a Rule, the logic allows me to pull in logs from various different event sources, including mixing correlation rules with fields from Event Group > Any Alert with fields from Event > TCPTrafficAudit/etc. and…
I found the link below from SolarWinds stating the nDepth export for CSV at 500,000 events, however one of my scheduled reports only showed 50,000. Is this a bug? nDepth export to CSV/PDF limitation - SolarWinds Worldwide, LLC. Help and Support
After I rebooted the appliance through PuTTY, I lost the saved searches; however, the email is still being sent. I am unable to see the saved searches. Anyone experience this?