1 Reply Latest reply on Nov 18, 2014 12:17 PM by Chet Camlin

    Who is using LEM as a SIEM working in the DoD?

    yeah yeah

      If so, how are you all using it? I want to use it for more than just a log collector or troubleshooting server/application events. I want to use it to review security information and events. Review advanced persistent threats. The majority of my environment is 2008/2012 with a lot of SharePoint and IIS applications. Few network devices (L2 and L3 switches). SQL clusters.

       

      Just curious how you all are using it and things that I could do to make the implementation better. Just haven't gotten much out of it yet.

        • Re: Who is using LEM as a SIEM working in the DoD?
          Chet Camlin

          We have installed and configured LEM for civilian, DOE and DOD agencies. I have a current project underway configuring LEM to inspect devices for DISA STIG settings. LEM is a somewhat complicated product. It is so configurable that there is no definitive source of "How To" guidance to follow after you get it installed and collecting data. Our company provides training, installation and configuration support for all SolarWinds products. Our web site: http://adiit.com/solarwinds/