• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 22 subscribers
  • Views 463 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

LEM -- add new node

FormerMember
FormerMember

Hello,

I have installed LEM v 5.7.0 for testing. 

As a first step, I am trying to add a new node (Cisco router) but it's failing. I have configured the router to send syslog and I can see the packets using wireshark.

However, the device doesn't appear on the web interface. I get the following message:

No nodes found

LEM has not found any new nodes or connectors in the Syslog files that are being monitored.

If you are expecting messages from new nodes, please check to make sure the device is configured correctly to send Syslog messages to LEM. It may also take some time for the node to send a Syslog message.

What am I missing? I have followed the steps mentioned in the tutorial.

Thanks,

Justine.

  • 0

    For network devices you need to go to manage -> appliances.  Then set up your connector from there.  Make sure the logging facility line in your router matches the log file.

    logging facility local2

    Capture.JPG

    Then you need to set up a filter to capture the traffic.  The easiest is to set up a new filter and choose any alert -> tool alias = "ASA" to match your connector alias.  Alert.ToolAlias = *ASA*. 

  • FormerMember
    0 FormerMember in reply to evanr

    Thanks for the reply,

    I didn't find where I can create the filter. Can you provide more details?

    I have a connector already created and it is connected (I didn't create it).

    Thanks,

    Justine.

  • 0 in reply to FormerMember

    Monitor -> Filters -> + sign -> new filter.  Then under event groups highlight any alert and below that choose tool alias and drag it to your conditions.  So it should read Any Alert.ToolAlias = (This is where you want to put the name of your alias in the connector).  Name it and save it and you should start to see logs coming in provided your network device & connector are set up correctly.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.