sparda963 · Network Engineer

They should have included a coupon for a slice of pie from somewhere to go with it because of the day! You got a Pi on Pi day so have some Pie.

I did some more digging on it Friday afternoon, and it appears this is likely a hard coded thing. I can replicate this in any directory with more then 200 folders in it. It appears that it will only display 200 entries in the view, and just stop after that. I have browsed multiple directories now with folders in them, and…

That is what I am thinking too. I could see the reasoning behind putting a limit on the display to a point. But at the same time it will drastically reduce the usefulness of the browsing function for most people if that is what is happening. Then again it could just be a bug too. I have around 1000 user directories in our…

Well you said the company wants it, so that gives you ammo to get you the access to them to get the information the company is looking for. I would imagine you can pull most of the data through some MIB's via SNMP. Not really sure what Cisco has out there for that though. If it is anything nearly as detailed as what you…

While a bit dramatic, I do agree with everyone you said here. The scan for nodes is pretty messy, and will likely just get worse as time goes on and more connectors are added. Your best bet is to do it manually and make sure you get it right the first time.

I did some work at a place years ago that had just implemented the same kind of policy. The IT staff was getting bombarded with "free" swag from all kinds of vendors and service providers. Things like pens all the way up to box tickets for Packer home games and free flights and other things like that. It was pretty insane…

I think a lot of the issues with getting training right now is coming from the company itself and not so much the department leadership. When I started at this company in the help desk 5 years ago they had an education reimbursement program in place where you could get like $800 a year reimbursed for education that was not…

My guess is that's part of the bug that 6.3.1 fixed. This is also why I never do an upgrade to a x.0 version in production. Test is ok, but never production

Only thing I see in the patch notes right now is the following for 6.3.1 Case numberDescriptionn/aFixed an issue where when a rule fires on 2 or more events the data filled out in actions is empty. Everything else listed is for 6.3.0 SolarWinds Log & Event Manager (LEM) 6.3.1 Release Notes - SolarWinds Worldwide, LLC. Help…

Its one of the top feature requests for the product in the feature request section. Log & Event Feature Requests

I might as well get in on this Here is what I look at every day. PRTG on the left, Cisco Prime Infrastructure in the middle, and Solarwinds Log & Event Manager on the right.

Like Mrcusmm8 said, I would make sure your on the current version first. I noticed in the top left of the search results window that it says "Time Out > 334...." This means that the search you performed timed out before it could complete. Usually this happens if your searching to to much data, but with such a specific…

I have the same problem. I have my LEM on a host pretty much by itself, and half the host resources are dedicated solely to the LEM vm and the disk is local, not san disk. The searches seem very laggy and slow most of the time, but with the reports console and the web console. I find if I have to generic search parameters…

I have been playing around a little bit with this to try to reproduce your problem but I am unable to. When I select a saved search from the bottom left Saved Searches menu, and then make a change to it, on either gear icon the Save option is grayed out for me, but the Save As option is available. The thing is when I use…

I needed this today!

If it's fixed, then I spent the time it was broke on a rocket! Before it went down I was in the 1100-1200 range. Now I am closing in on the 200 spot. Better slow down or my wings might melt!

What kind of setup do you have in your FIM connector to detect file name changes? I have not been able to get a combination that will detect file name changes for some reason yet. I think your rule would work based on that though for alerting purposes.

We use Putty CM. We have all of our switches and routers setup in it. It works nicely for us.

Yeah this is getting old. The vote to get this off of flash has been out there for almost 5 years now. Moving it off of flash I think has been on the road map for about 8 months now. I do not have much hope for seeing this happen before the time all the browsers all but block flash permanently from running by the end of…

If anyone gets the figured out I would like to know what they did. We are adding some fortinet devices that I would love to monitor through LEM, but the data is not coming out nicely or usable at all.

I assume you are talking about the Result Details window of an nDepth search? Sadly there is no way to change how the Result Details window displays its data to you, even to sort it. But you can export the results to a csv and then open that with Excel and manipulate the data any which way you want from that point. This is…

Well not a direct integration to our help desk system, we are able to send tickets from LEM into our help desk system. Our help desk system, OTRS, has a mailbox pickup function in it. What we do is have LEM generate an email alert that is sent to the specified mailbox, and them OTRS scans the box at set intervals and pulls…

I was wondering where my point surge came from all of the sudden. I had actually forgotten all about all those points from that! Happy Late Christmas Present I guess

This guy likes to lurk around my desk at work.

Someone should start a "What's in your Thwack Pack?" thread. Could be interesting!

You may also want to take a look at this post from adatole . It has some good links, articles, and information in it to get started with. Free Training: Monitoring 101

I do not think there is an FAQ out there that has common rules or best practices for the LEM product specifically. You can probable find some stuff that is SIEM generic though out there somewhere. There is a new class they started a few months ago that is an intro to LEM. I would encourage anyone using LEM to attend the…

And I guess this gets to be my number 1 priority now directly from the CEO. The Wisconsin Hospital Association put out a high priority alert because of this. I guess ransomware is finally on our radar.

I have no pity or remorse for anyone who gets hit by this. Microsoft released a patch for this over a month ago. If your process requires more then a month to test and deploy patches, you might as well not even bother with the process at all.