Welcome to the Rule Building Contest. Let’s not waste any time, glory awaits. Follow the steps below to begin your conquest.
(If you already own LEM or have a free trial running ignore this step)
Step 2: Deploy to VMware or Hyper-V
Step 3: Start Collecting Data
- You can either leverage the simulated data bundled in the LEM evaluation (on the Ops Center dashboard, see the “Data Simulator” widget), or begin collecting some of your own data to work with
- Here you can find useful links and videos to help with logging data to LEM.
Step 4: Build your Custom Rule!*
- Once you’re collecting or seeing data in your LEM console, you can access the Rule Builder from Build>Rules. There’s tons of out of the box rules, and you can build your own.
- This video can help with leveraging existing rules and building your own.
*Build your own rule from scratch or build on an existing template to do something new and interesting. If you’re building on a template rule, make sure it’s materially different than the template (e.g. just adjusting a threshold isn’t really enough to be different). Your rule submission should be a good example of something that helps you get your job done, alerts you to interesting activity, or can spot a potential threat.
Step 5: Export your Rule!
- From Build>Rules, click the Gear next to your rule and click Export.
IMPORTANT: Protect your data! If you’re submitting a rule that uses users, groups, or IP addresses specific to your network, we’d recommend that you clone and create a second copy that uses placeholder data instead. (To clone, in the LEM console click the Gear next to your rule and press Clone.)
Step 6: Upload your Rule!
- Upload to the contest page to successfully enter to win!
Congratulations! You’ve completed your submission! Now get out there and rule your log data!
If at any point you have questions, please contact LEMInstallHelp@SolarWinds.com. We won’t help you build a rule, but we can address any technical questions about getting started.