pebcakproblemsolver

I would contact Solarwinds at this point. It sounds like it possibly wasn't properly configured or there might be some error with the install.

Have you looked at the resource allocation/utilization?

Are you possibly having an IP conflict? Have you tried changing the IP to a known free address?

You might be having a resource issue but I'd trying bouncing the box first.

Any other thoughts on the matter?

That's the issue and the reason I asked if you had done it yourself. I have yet to have an alert trigger at less than 10%. On the older boxes there isn't an alert at all until a set mb is hit. The reason this is critical is we have a box there knocks itself offline if at 10% or less.

Changed to detection time

Is it still giving you grief?

Are you able to use the console through VMWare?

You need to install the LEM agent software on whatever servers you wish to manage. Afterwards, enable the FIM software and make sure it watches all the files/folders/shares you wish to monitor (Be aware this can cause a HUGE increase in events on the LEM and you may need to increase its power by a significant amount…

Additionally, I just attempted it with my Win10 pc and got no alerts or events.

Have you had success with that reg edit? I am attempting to test it on a 2003 box (which the guide says it works on) and I'm still not getting the alert.

Additional note: I do not have the agents on any workstations, just servers, so this is all DC reporting and I did set up a special email that contains the info I deemed necessary.

There is also a "User account lockout" rule that is nice to have too if you are managing password changes.

It turns out that somehow the SNMP settings got changed per switch.

Odds are then that you do not have it enabled as it is not enabled by default. It is a connector that you are able to set up.

I removed them and since I have gotten 0 false positives or any alerts for that matter and I know I should have gotten some. I currently have my Business Hours group set later than people first arrive so I can test.

Does this assume you are monitoring the entire environment through the LEM? At present, we do not have the LEM installed on our workstations.

Are you looking at the right "save" button. There are 2, one is on the right hand side in the middle and that is for adding an email contact. The second one is also on the right but at the very bottom.

Do you see this at the bottom of your screen?

Are you able to console in to it? Did you full finish configuring it during install?

I resolved the issue. I put FIM into place on the root folder where the file is before it is assessed and moved, and I also put it on the Invalid folder. I used a test file to see which accounts moved and touch the file if it is read invalid. It was the System account and our Transport account. Then I counted how many time…

Could you set up a Distribution Group for HR in your exchange? Have them email in the initial ticket but have a client setup as HR or NewHire or some such. Then when the ticket is created, changed the assigned Client to that Distribution Group Client and give everyone in the department access to it. They will be able to…

I am attempting to do something similar with After Hour logins Current setup is Naming my domain so Windows services accounts don't trigger and vendor service accounts named as "does not contain" so I won't get alerts for those either. I will probably have to adjust the correlation time a little bit but I have high hopes…

Making a few assumptions here just based off of the wording of the question. I assume you were able to successfully set it up and probably previously connected to it. Additionally, possibly getting stuck at the LEM screen in your browser. If that is true, I would recommend consoling into the LEM and restarting it.

The email rush was from service accounts and automated vendor accounts. I could have it ignore those, but we got reports from people who had left for the day but their workstation was locked. We also got messages from people who get their email on their mobile.

I would just use the "User Account Properties Update" template. Works fine for me. Plus if anything else changes, you'll get an alert.

Assuming you have FIM activate, it is pretty easy. Just use FileRead.SourceAccount = abc@def.com