Comments
-
Matt, Do you have Crystal Reports or an any other applications that use Crystal Reports on the system. I have seen a similar alert.map error when there is a conflict between the Crystal Report Runtime engine the LEM reports console uses and other instances of Crystal Reports running on the system. I would recommend…
-
The following Knowledge base article will allow you to filter out the 5156 event ID along with additional similar events. SolarWinds Knowledge Base :: Disabling Windows Filtering Platform Alerts Using Alert Distribution Policy
-
Syslog Servers have a number of Syslog Message Facilities and each facility has a name and number associated with it (as indicated from the list below). Most products allow you to specify the facility by name i.e. local0, local1 etc. However there are a number of products, such as Symantec Endpoint Protection that use the…
-
Hi rickb@fresnocfcu.org, There are a couple of ways to monitor administrator activity. First I would caution on configuring a rule for all administrator activity. With everything an administrator "touches" day in and day out the types and amount of alerts you receive would result in a lot of noise. Instead we recommend…
-
Yes, you can compare two fields and have a rule fire if those fields are not equal. I've included an example of what I think you are trying to accomplish. * Start by adding the Auditable Events (All).Source Account * Drag Auditable Events (All).Destination Account into the empty field * Change the condition to /=. I would…
-
What does the mask field look like in your condition? The default is *.* however directories typically don't have a . in their name. Therefore the default condition will not pick up directory changes. I would suggest creating a second condition for directory changes and removing the . and trailing asterisk like I have done…
