phil3

You can use the upgrade, but I just checked with Product Management, and Lawrence recommended upgrading to 1.72 first to get over the licensing hurdle before upgrading to 1.73. This step is not necessary, but it'll help distribute the tasks related to getting you up to date. That is: * Upgrade to 1.72 and apply the new…

Sorry for the late reply. There isn't an active response connector for Linux since most of our active responses are either Windows- or firewall-based. Is there something specific you'd like to do on your Linux agents as an active response? That is, are you looking for user-based actions (e.g. log user off, disable an…

The default values for Database Name, Database Server Instance Name, and Database Server Port in the tool are a good place to start. However, your DB admin should know what to use if the defaults aren't right for your DB. Regarding the user account, the tool is configured to use the sa account by default, but the only…

It looks like you have the right setting, but the form doesn't re-load all of the OUs every time you open it. Try restarting the console to see if that helps. You can also try selecting and different OU and then selecting the one you want as noted in the SolarWinds Log & Event Manager Release Notes.

If I'm understanding this correctly, I can, as an option, designate a separate virtual appliance as storage for the "raw" log messages? Yes. Therefore, I could have at most three VM appliances as part of the same deployment: one management VM, one raw log VM and one alert log VM? The main restriction to be aware of in this…

Are you talking about a rule you have enabled in your LEM Console? If so, you'll want to be sure to click the Activate Rules button at the top of the Build > Rules view to sync your local changes with your LEM Manager. The presence of this sort of rule shouldn't affect whether you can search File Audit events using nDepth,…

Here are the URLs for a few relevant help topics: http://www.solarwinds.com/documentation/LEM/Docs/html/Content/Console/Appliances/ConfigManagerTools.htm http://www.solarwinds.com/documentation/LEM/Docs/html/Content/Console/ToolConfig/ToolConfigTables.htm Note that the procedure for accessing Agent connectors (AKA "tools")…

I'm glad you found the tech ref useful. Just so you know, is currently working on another LEM paper that will cover some general deployment and maintenance best practices. If you want to see/search a bunch of raw logs in LEM, check out this KB article: SolarWinds Knowledge Base :: Using your LEM Console to view and search…

Are you using /I, or /l? The correct option is to use a lower-case "L." HTH

Hi, Robert. I have submitted this as a feature request. Please let us know if you have any additional questions. Thanks. Phil

cmgurley wrote: I wrote a lot about how this and that didn't work and even how one of those KBs was wrong, but eventually started to figure out a few of the caveats (i.e. "Any Alerts" under "Alert Groups" -- very important or else it'll filter out more than you expect). I'm far from loving things, but it's at least a step…

Thanks for the clarification. We don't really have a report that shows that, but I can recommend a few other things that will likely get you what you're looking for. Use the Agent connectivity status to determine whether or not Agents are connected * Open your LEM Console and log into your LEM Manager. * Click the Manage…

I'm working on testing this on my end, but in the meantime, please double check that... * The database name and instance are correct in the connector, and * The DB user credentials are correct in the connector and the user has read (possibly execute) permissions. Generally, when a DB connector doesn't start, it's because…

Hi, Rony. I'll ask the moderator to move this to the APM board and I'll give the APM writer a heads up. Thanks.

Did you complete all of the steps in the article in order? The reason I ask is because the "Data Is Null" message is common when the MEKey and MPKey are cleared after changing the credentials in the console. The proper order is: * Stop the service. * Clear the Registry keys. * Start the service. * Change the credentials in…

Thanks for the info. First of all, when you run LEM Reports, are you launching the application by right-clicking and selecting Run as administrator? If that's not the issue, * Did you install LEM Reports as admin? * Did you install the Crystal Reports runtime as admin? If those aren't the issue, can you run Task Scheduler…

That's interesting because that resembles a bug that we had in the data simulator in the 5.3 Console. If you don't mind, double-check the version by clicking the logo in the upper-left, and then try the steps outlined in the KB linked above. If you're on 5.3.1 and you're having that problem, that's something I'll have to…

Will you try selecting Webroot Logs instead of Access Logs and see what kind of options you have?

The customer we originally set this up for had Iron Port S160. Although, now that I look at it, the "Syslog Push" option seems to be a feature in the Iron Port email security appliance. We're looking into this a bit further, but it might be more expedient to set up a Support call if you'd be open to that. That way, we'll…

What's your specific goal? If it's just to see everything related to a specific user, try this: * Open the LEM/SIM Console, and then log in as an administrator. * Click the Explore, and then select nDepth. This should show you all of your alerts for the past 10 minutes. * In the Refine Fields list on the left, find the…

To clarify: Are you seeing anything from that ASA firewall in your LEM console?

In that list, only IE 8 is supported in the current version of EOC. The complete list of supported browsers is in KB3218. We should have much broader browser support (including support for Chrome) in the next release. That said, I'm not entirely sure your browser is the problem, since you seem to be having similar issues…

Try this page for the videos, it's a little easier to look at: http://thwack.solarwinds.com/support/#LEM The tutorials on this page cover the vast majority of the material that was presented by the TriGeo trainers. I was a trainer myself in the TriGeo days and I helped to develop these. If you watch these and they still…

Hi, there. So, if I understand your most recent post, you're just having issues with your desktop console password? If that's the case, use username "admin" with password "password" -- those are the default credentials per http://www.solarwinds.com/documentation/LEM/Docs/SolarWinds-LEM-QuickStartGuide.pdf. (The default…

I just got word from Development that this behavior could be indicative of some kind of polling issue. They suggested you open a Support case. Once you've opened the case, if you wouldn't mind, please post your case number so we can all keep an eye on it, and then post any resolution you reach. Thanks.

One more thing... Here's a similar thread in which we discussed how to use built-in and custom properties to filter resources for specific computers: .

BTW...here's a link to the section in the Admin Guide about creating custom menu bars: Creating a New Menu Bar

Hi, olgab. I just tested the link on a few different computers, and it worked just fine for me. Perhaps the bare URL will help: http://www.solarwinds.com/documentation/LEM/Docs/LEMFiltersandAlerts.pdf Let us know if you still have problems. Phil

For additional information about what groups need to be customized and how to customize them, check out this new KB: Getting Started with User-Defined Groups. Thanks for the tip! :)

Another option: Change your alerts so that they include some sort of prefix for the alert name. For example, use "UNIX" and "Windows" as the prefixes, and use a filter similar to this: Alert.AlertName like 'UNIX%' Let us know which option ends up working out. Thanks again. Phil