0 Replies Latest reply on Feb 27, 2015 11:47 AM by aloader

    LEM alert

    aloader

      Good afternoon,

       

      I logged into my LEM this morning and had over 500 alerts in my email for Domain ANONYMOUS LOGON by.  This triggers a 'domain modification' rule that I have set.  I have the rule set as follows:

       

      auditable events (all).source account NOT EQUAL to admin accounts, admin groups or $

       

      I'm just wondering if this is something I should be concerned with? I done some research and understand that the c:\ system files will 'logon' when executing tasks in and around the file system.

       

      Thanks in advance,

       

      A