Are there any parameters or correlations that can be used to create a LEM rule to alert for any and all logs for a specific IP coming in and out? I have a file server I need to monitor, but I cannot create any rule that is generic enough to catch different types of data.
Is there anything that can be recommended? Plus, possibly any other rules that may be valuable to set for a DLP monitoring rule set for this file server?