0 Replies Latest reply on Feb 27, 2015 11:47 AM by aloader

    LEM alert


      Good afternoon,


      I logged into my LEM this morning and had over 500 alerts in my email for Domain ANONYMOUS LOGON by.  This triggers a 'domain modification' rule that I have set.  I have the rule set as follows:


      auditable events (all).source account NOT EQUAL to admin accounts, admin groups or $


      I'm just wondering if this is something I should be concerned with? I done some research and understand that the c:\ system files will 'logon' when executing tasks in and around the file system.


      Thanks in advance,