cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

What We're Working On - Log and Event Manager (LEM)

Level 18

In case you missed it, the Log & Event Manager team recently released our 5.6 version which was packed with great features. And as always, there’s more exciting stuff coming, here's a sneak peek:

Disclaimer: this is not a commitment to a timeframe or delivery of any of the features discussed below. This is also not a commitment to deliver all of these features in our next release. This post is intended to give you a rough idea of what we're doing.

  • Scheduled nDepth searches
  • Support for Windows 8 with Workstation Edition
  • Support for auto-recycling licenses when using LEM in VDI-based desktop environment
  • Scalability enhancements to rules engine and appliance-side processing
  • Simplified agent update
  • NetApp connector
  • FIPS self-certification statement
  • And many other smaller customer enhancement requests and bug fixes - stay tuned for more details.
10 Comments
Level 7

Hi,

I was trying to evaluate this product but the product only run on VM environment.

If I don't have VM in my environment, does it means that I won't have a chance to use this?

Level 13

Can you please let us know

  • how are patches applied to a vm image?
    • as a linux build, no RDP login exists
  • How do you install a new image without losing all data
    • each vm/hyperv image destroys the old image
  • How can/will LEM be integrated into Orion
    • not seen in Orion at all
  • can an upgrade license be added?
    • when i moved from 100 to 250,  the new one is not accepted and return error stating wrong product.
    • i have an open ticket now that is still not resolved after three weeks
Level 16

Orion integration would be a HUGE help.  I like how you guys did the Virtualization Manager.  If there was that much, just some resources that could have your LEM filters as a view, and I'm REALLY hoping to see a way to do a query (nDepth) straight from an Orion dashboard (http://thwack.solarwinds.com/ideas/2264). Also, some integration with NCM where NCM policies could see the rules (http://thwack.solarwinds.com/ideas/1991)

Looking forward to the new version!!!  🙂

Level 15

The LEM is meant to be deployed as a virtual appliance, and as far as I've seen, getting the old SIM hardware isn't an option.

Ideally, you'd be deploying the LEM on HyperV from Microsoft or on ESXi from VMWare.

Personally, I've had success deploying the OVA (VMWare image) using Oracle's VirtualBox.  It's not a solution I'd want to deploy in production or in a serious test environment, but it was enough to get LEM working on my home network so I could play with it, and there's no cost associated with VirtualBox.  However, even my fairly beefy gaming rig struggled to find the resources for LEM and still do anything else at the same time.  You can find LEM's recommended minimum requirements on page 8 of the Quick Start Guide.

Level 15
  • How are patches applied to the VM?
    • Directions on how to apply upgrades to the LEM appliance are available in the Upgrade Guide and start on Page 12.  You will need a CIFS share that the LEM can reach and credentials for that share.
    • Details on how to apply the Connector Updates are available here.  The process has similar requirements to an Appliance upgrade, but the commands issues are different.
  • How do you install a new image without losing all data?
    • The image that you get from Solarwinds has a default machine name, but you don't have to keep it.  Changing the name will allow you to deploy multiple images simultaneously.
    • It's always a good idea to take backups of your configurations for the sake of business continuity.  Steps on how to setup backups can be found here: SolarWinds Knowledge Base :: How to Configure Backups on Your LEM Appliance
  • Can an Upgrade License be added?
    • This should be done the same way as applying the original license: In the Web or Air console, go to Manage --> Appliances, select the manager you want to upgrade the license for, then click the License tab.  There should be an "Update License" at the bottom-left of the Properties pane that will let you enter the new, more nodes license key.  Keys for previous versions will migrate if they are applied prior to migrations, ie: a 5.5 licensed for 250 nodes will migrate to a 5.6 licensed for 250 nodes, but a 5.5 Eval upgraded to 5.6 can't be activated with a 5.5 key.  Customer Service can work with you to resolve issues like that
Level 21

Yeah, I agree!  The Virtualization Manager integration was very nicely done and I would love to see the same type of thing with LEM.

Level 13

issues to resolve with LEM

i renewed my mtce

  • tried to add my new lic file to lem 5.5. failed! support could not find a soln. then they told me that new lic files are not compatible with 5.5 and earlier. why is that not documented?
  • i then go to upgrade from 5.5 to 5.7, NO STOP cant be done. i must migrate from 5.5 to 5.6 wait for the DB to be rebuild  ie one week then 5.6 to 5.7. where is that documented?
  • mu new lic file sails in both 5.5 and 5.6 ticket 600455  is still open
  • i try  to do the 5.6 upgrade, why is this product  so outdated that i have to go into a ssh linux shell and perform archaic  commands. why cant i do it from the gui?
  • i have to use the root account. how do i set the passwd, I CANT, can it be changed?. NO , but if you do chnage it ...., sw will not support the product  hu??? this is very insecure if i cant change my own prod cut passwords and the vendor is the holder of them (;
  • admin roles, why cant i add and remove function ie , net admin, db admin, log admin, update admins. they are all admins, but each has  separate  roles and responsibilities
  • there is no documentation for the CMC account
  • there is sparse documentation for the use of the root account
Level 15

tried to add my new lic file to lem 5.5. failed! support could not find a soln. then they told me that new lic files are not compatible with 5.5 and earlier. why is that not documented?

There were e-mails sent from the licensing team to customers with LEM versions 5.5 or previous to inform them that the license would encounter issues moving to 5.6 and 5.7.  If you're not listed as the primary contact on the Solarwinds Account, you may not have seen these e-mails, or they may have been marked as spam.

i then go to upgrade from 5.5 to 5.7, NO STOP cant be done. i must migrate from 5.5 to 5.6 wait for the DB to be rebuild  ie one week then 5.6 to 5.7. where is that documented?

Page 12 of the LEM Upgrade Guide (included with the 5.7 Upgrade package) says:

"The LEM appliance upgrade package upgrades only LEM version 5.6 and later. If you are running an earlier version of LEM or TriGeo SIM, upgrade your appliance to a compatible version first, using the following upgrade paths...

The full upgrade path from earlier versions of LEM (formerly TriGeo) is as follows:  3.5.x > 3.5.6 > 4.0 > 4.5.3 > 5.0.2 > 5.2.1 > 5.4 > 5.6 > 5.7"


If you look at page 8 of the LEM 5.6 Upgrade Guide, there's this:


"Upgrading to 5.6 performs a database migration of your data. Performing this upgrade converts your existing information, from newest to oldest, into the database format. In our latest release of LEM, we are migrating from a third party database software to an in-house database.

We have included a banner that displays the status of the migration and the estimated time until it is complete."

mu new lic file sails in both 5.5 and 5.6 ticket 600455  is still open

I checked that ticket, and it appears that your license was reset about 40 minutes after your post.  The license shows as Unregistered in your portal.  I imagine that you can't allow the LEM to communicate with the Internet on your network, so you may need to activate the license manually.  I created a doc to help with that process if the Automatic registration fails: Manual License Generation

i try  to do the 5.6 upgrade, why is this product  so outdated that i have to go into a ssh linux shell and perform archaic  commands. why cant i do it from the gui?

I'm not sure how to address this.  You can certainly create a feature request for that function in the GUI, but a lot of Linux Appliances (and not just Solarwinds products) are command-line based.  Take a look at CentOS, for example.

have to use the root account. how do i set the passwd, I CANT, can it be changed?. NO , but if you do chnage it ...., sw will not support the product  hu??? this is very insecure if i cant change my own prod cut passwords and the vendor is the holder of them (;

We provide the CMC shell as a means for customers to do the configuration and maintenance tasks that should be required on the LEM.  Root access would allow customers to tamper with the alert DB, and where the LEM is used in many cases as an auditing platform to satisfy compliance, allowing customers to alter the alert DB would seriously degrade the value of the LEM.  In limited circumstances, we can provide the root passwords to customers, but it's with the understanding that any changes made to the system with those credentials might make it impossible for us to fix/support future issues.


The LEM root passwords are unique to every appliance, so there's no risk that someone is going to Google your root access password.  Since the LEM shouldn't be accessible from outside your network, we won't access the LEM without you helping us get that access anyway, so the root account should be pretty safe.  You can also run the restrictssh command on the LEM if you want to further lock-down root access.


admin roles, why cant i add and remove function ie , net admin, db admin, log admin, update admins. they are all admins, but each has  separate  roles and responsibilities

There are roles that can be assigned to users in the LEM Build --> Users Interface.  There's documentation here: SolarWinds Knowledge Base :: Creating Users in the LEM Console  You can assign roles to these users, which will restrict what they can and can't do in the LEM console.

2014-04-09 07_04_32-SolarWinds Log and Event Manager Console.png

Since the LEM is sold and deployed as an Appliance, it's intended to be self-maintaining once initial configuration is complete.  You shouldn't have to manually work on the LEM DB (and don't have access to do so by design).  Network settings and LEM tool and system updates are controlled in the CMC shell.  Log Admins could be like the Auditor or Monitor role in the LEM console.

there is no documentation for the CMC account

Connecting to the LEM via SSH is detailed here: SolarWinds Knowledge Base :: Use an SSH client to connect to your LEM appliance

There are many articles on the Solarwinds KB that will direct you to run commands in the CMC shell.  You might request a CMC admin guide (and maybe I'll work on that as a side-project), but the commands are described in the KBs that call for them. For example:

there is sparse documentation for the use of the root account

Correct.  As described above, end-customers shouldn't be using the root account.  If you do have access to root, you need to have a moderate to advanced knowledge of Linux, or you risk breaking the LEM beyond our ability to support ot fix it.

I hope this is helpful and useful to you.

Level 9

Glad you are working on the FIPS cert statement. Does that mean snmp v3 will be supported soon? Or secure syslog?

Level 8

Can you add LEM monitoring with your other products (i.e SAM/NPM)? More than just ICMP.

About the Author
Standing side by side with teammates, jumping up and down, waiting to exit the tunnel as tens of thousands of fans rise to their feet and erupt with the thunderous roar of clapping in unison...this was one of my fondest memories from my time at the University of Texas. Unfortunately, I was just one of the clapping fans. At five foot eight and a buck fifty, it's probably better that way. I will spare you the long job history... Before I went to the dark side (of product marketing):  IBM RS6000 division  IBM Global Services Transitioning (the force was strong):  Tivoli Systems (assimilation into IBM) May as well have been Darth Vader: PentaSafe (startup acquired) -> NetIQ Identity Mgmt Division in Sun Microsystems SolarWinds - 2nd PM UnboundID SolarWinds (Yes, I couldn't stay away, so I'm back!) So, I've now been at SolarWinds for a long time (especially if you don't count my brief sabbatical) - long enough to have been involved in PM'ing virtually every Orion platform-based product in the portfolio. More than you ever wanted to know about me... I could eat sushi every day. I prefer Cabernets and Merlots over Pinots, despite the guidance from Sideways fanatics. I've intentionally avoided playing WoW for fear I would never stop. I disagree vehemently with my wife that watching college football all day Saturday and then NFL all day on Sunday is excessive.