3 Replies Latest reply on Jun 14, 2016 9:17 AM by curtisi

    Windows OS Rules

    fahad.anis

      Dear All

       

      We have procured the Solarwinds LEM software and stuck in deployment. Currently agents (Solaris, Linux, Windows and Network Devices) are connected on console but we are not able to configure the rules that can alert all the OS level.

       

      Can someone help us in configuring the rules for OS level alerts?

        • Re: Windows OS Rules
          curtisi

          With rules, the first thing to do is make sure the LEM has the correct time.

           

          1. SSH into LEM or open the Virtual Console
            • If you went to the console, pick "Advanced Configuration"
          2. Go to the APPLIANCE menu
          3. Enter DATECONFIG
          4. Press ENTER 4 or 5 times, don't enter any values.  The LEM should return it's current date, time and timezone.  Is all this correct?

           

          If not: re-run DATECONFIG to change the date and time, run TZCONFIG to set the timezone and/or run NTPCONFIG to set an NTP source.

           

          Now, have you looked at the rule templates provided with LEM?  What are you trying to alert on?

            • Re: Windows OS Rules
              fahad.anis

              Curtisi

               

              Thanks for your reply.

               

              I followed the same steps but not able to get the time sync.

               

              In our infra, most of the WIndows host i..e Server 2008 R2 and we are PCI compliance company. We want to monitor all the OS level logs related to PCI and enable the rule for the same. Please help.

            • Re: Windows OS Rules
              curtisi

              Go to Build --> Rules in the LEM, open the Compliance section and pick PCI.  That will highlight the rule templates for PCI.  Turn them on at your discretion.