0 Replies Latest reply on Mar 10, 2016 9:22 AM by yutznut

    Logon failure options for whitelisting

    yutznut

      We use Nessus in conjunction with LEM (6.1).  Some of our Nessus scans are designed to check for and attempt to use ...\administrator on Windows devices.  I need to whitelist this activity by Source IP or whatever I can on the LEM for all of our Nessus Scanners.  I only need the results of the Nessus scan in the Nessus app.  I do not need to see

       

      NetworkIncidentlogon failure "\administrator"---------------- redacted ----------------------9:08:14 Thu Mar 10 20169:08:14 Thu Mar 10 20164vista securityCritical Account Logon Failuresmicrosoft-windows-security-auditing 4625

       

      or get the email spam a predecessor decided to set up.

       

      Any help?

       

      I'd prefer to just whitelist all activity from my Nessus scanners as far as the LEM is concerned. 

       

      thanks folks.